Overview

overview

10

Static

static

10

stealer_2.ps1

windows7-x64

10

stealer_2.ps1

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    stealer_2.ps1

  • Size

    72KB

  • MD5

    88f519a870796da4ece17b83134606a3

  • SHA1

    cefd718f06f7d3b388b01905eb1337b76cb667d8

  • SHA256

    2e10e57f9562d3c9514f926083b33bd8b64e1db03607f256ea3183bf6fd0d37a

  • SHA512

    3889d9673487012ccd0230a9c6cef9d2e0422b8008ccb5059c575bc52a7dc705f84c085bc3ab68b87affbb18380ac4a12e25a97cef48f6dc5595378d9b7dc619

  • SSDEEP

    1536:i8SdVn5ahg5yYp6zdv/5l05Qo8l01zhwZPhZcLrJS7srHX6Cx:i8SdVn5Uwiv/5IQo8l01zhw5hUr9KCx

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://discord.com/api/webhooks/1244103104383684701/WbgkZ2a0h1C1DX1h-5rkvof9HOebQc4uQBr4kkvr2Bg8m3KUmf2op1fyT-48rXYAMIW4
exe.dropper

https://github.com/ChildrenOfYahweh/Kematian-Stealer/raw/main/frontend-src/blockhosts.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/antivm.ps1
exe.dropper

http://ip-api.com/json
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/webcam.ps1
exe.dropper

https://github.com/Somali-Devs/Kematian-Stealer/raw/main/frontend-src/kematian_shellcode.ps1

Signatures

Files

  • stealer_2.ps1
    .ps1