Overview

overview

10

Static

static

10

kdot.ps1

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    kdot.ps1

  • Size

    72KB

  • MD5

    dc9af15e5ffdbd6d1ad83eabc919947a

  • SHA1

    a6890b3f6ba2faf505a590edf887984ddd1003d2

  • SHA256

    a388153c68b09e240ccf8feb8405c0fe3f5094843d7cea9b85984565b73a4f27

  • SHA512

    d3ce1eeb2b136a262730aa889969371860f9683c7c63a54d3971932d04e05249dc37d4af2813ed308e25fc9b5aeb5d18e063a17a9b2cdad3d51ca6838ecbdce3

  • SSDEEP

    1536:H8SdVn5ahg5yYp6zdv/5l05Qo8l01zhwZPhZcLrJS7srHX6Cx:H8SdVn5Uwiv/5IQo8l01zhw5hUr9KCx

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://hard-arrivals.gl.at.ply.gg:52006/data
exe.dropper

https://github.com/ChildrenOfYahweh/Kematian-Stealer/raw/main/frontend-src/blockhosts.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/antivm.ps1
exe.dropper

http://ip-api.com/json
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/webcam.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/kematian_shellcode.ps1

Signatures

Files

  • kdot.ps1
    .ps1