Overview

overview

7

Static

static

3

c0c1bd975b...18.exe

windows7-x64

7

c0c1bd975b...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMPLATES/inst.exe

windows7-x64

7

$TEMPLATES/inst.exe

windows10-2004-x64

7

$TEMPLATES...ps.exe

windows7-x64

4

$TEMPLATES...ps.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    145s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/08/2024, 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMPLATES/kksetups.exe

  • Size

    221KB

  • MD5

    4b031ef86bcd26240193dcd174e03a4f

  • SHA1

    f98ddb694ddb2338dbbc999c804c586f2f3d0b52

  • SHA256

    c4790776452b695e945a9f92e686b7ef365b40b2ee938351db3d208e1f372c2c

  • SHA512

    e6c0a3a116ddad6ce3f46e6734c3683ab78d2986396b64111e9f164efd3f8db4d5d9b24f5efb9a4f93010d8fa46a45b0da11f8e32b1ec9644637f00db1c237bf

  • SSDEEP

    6144:xQqfucAGRdFSCsih/+Gc7H3LgQ2n0VRuuLdvwf8uTPpvuKa:WcldcCs+/+z7XLgXn0VUTR4

Score
4/10
discovery

Malware Config

Signatures

  • Drops file in Program Files directory 10 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\$TEMPLATES\kksetups.exe
    "C:\Users\Admin\AppData\Local\Temp\$TEMPLATES\kksetups.exe"
    1⤵
    • Drops file in Program Files directory
    • System Location Discovery: System Language Discovery
    PID:1088

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads