General

  • Target

    KNF Setup Installer.exe

  • Size

    84.7MB

  • Sample

    240704-zspkcsydjm

  • MD5

    d90a0827e3bf236ef6296c9697188dc5

  • SHA1

    4e32c60f55547c95d7b120efbfbdcf5638b9c3c3

  • SHA256

    ea4b5b075808b5b2280ec76de0a67e3b94cb6bfd0370dd2facbd8e009eb45e7d

  • SHA512

    382e892dc0440e35e7b32d83a4e2481ef7808b7f550bb132577d07f60737f548eafec9f41e7a8015e0434ce8b2ab0dbc09e02d2202c9f914c099fefbf9d8e50f

  • SSDEEP

    1572864:AdJxuLk0HPSdJxuLk0HPSdJxuLk0HPSdJxuLk0HPSdJxuLk0HPSdJxuLk0HPSdJG:

Score
8/10

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
