General

  • Target

    KMT Client v4.0.EXE

  • Size

    8.1MB

  • Sample

    240909-rvlmgsvgkf

  • MD5

    0fb34582812451214830ea41086c9278

  • SHA1

    3da2109d4b19a6c98e8a7b67183260ac6ca13fd5

  • SHA256

    b058c246f7ef1c919d8a134f5f28fa8fef4d37f2bcb8991a98e5800190685229

  • SHA512

    83e29d7f6fb8474d58a4d4783b0ed3ea8b3ad0d369eacab2bec68c7519c0c070e4433168d008cf6952deb9f76a7d8c659e0e47869c9c4ac54976b0690c10d2b0

  • SSDEEP

    196608:DoQ4/MfBVhKzp1e55CeKOyfUqlqBaJzw1cYDMz+yOj/vt+TXG:DRXBOl1e55bbfjDg+njYG

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
