Overview

overview

10

Static

static

10

18382f6c7f...58.ps1

windows7-x64

10

18382f6c7f...58.ps1

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    18382f6c7f8b52c779243c6cc7d4cbc51a95d31d40bc748bc2ec65c63219c358.ps1

  • Size

    72KB

  • MD5

    51299f3a266034e35d706a1d0aa5580b

  • SHA1

    3c9ef68f69b9f8c2941e9d765ae0ae8df9bfdf14

  • SHA256

    18382f6c7f8b52c779243c6cc7d4cbc51a95d31d40bc748bc2ec65c63219c358

  • SHA512

    b125b9e91fd5b3516ed5218d47316a9f4c6f052ae7c4d517eae18abb8643f1145adf117eb2d852ee684e1ffef4d85c0aab33935cebc0effc11e3f160a5bb0b23

  • SSDEEP

    1536:F8SdVn5ahg5yYp6zdv/5l05Qo8l01zhwZPhZcLrJS7srHX6Cg:F8SdVn5Uwiv/5IQo8l01zhw5hUr9KCg

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://github.com/ChildrenOfYahweh/Kematian-Stealer/raw/main/frontend-src/blockhosts.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/antivm.ps1
exe.dropper

http://ip-api.com/json
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/webcam.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/kematian_shellcode.ps1

Signatures

Files

  • 18382f6c7f8b52c779243c6cc7d4cbc51a95d31d40bc748bc2ec65c63219c358.ps1
    .ps1