Overview

overview

10

Static

static

10

kdot.ps1

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    kdot.ps1

  • Size

    72KB

  • MD5

    f0ec57b428d8920b0d55742f44b6fb98

  • SHA1

    af6a3967a8614d3e88244f357f17d262f6d92eac

  • SHA256

    c1017e89be9f91e52419ccddb94151014860e25ea6644138cdae8d3f89aedbad

  • SHA512

    dedab534f7fcac52fe543ea26f3e9450c0c4e73d17ab3810ab8f66fb3f7c51114c4242d6f78ac6266561be21ab27555245c736c0d6930f5a3effa4eb22d8acf7

  • SSDEEP

    1536:Y8SdVn5ahg5yYp6zdv/5l05Qo8l01zhwZPhZcLrJS7srHX6Cx:Y8SdVn5Uwiv/5IQo8l01zhw5hUr9KCx

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://hard-arrivals.gl.at.ply.gg:52006/data
exe.dropper

https://github.com/ChildrenOfYahweh/Kematian-Stealer/raw/main/frontend-src/blockhosts.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/antivm.ps1
exe.dropper

http://ip-api.com/json
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/webcam.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/kematian_shellcode.ps1

Signatures

Files

  • kdot.ps1
    .ps1