Resubmissions

22-09-2024 05:34

240922-f9g23atfrj 10

General

  • Target

    kovaaks cracked(run as admin).exe

  • Size

    17.8MB

  • Sample

    240922-f9g23atfrj

  • MD5

    910a994f017ceb63838dc14640a808f9

  • SHA1

    8a70d025f36c206ce16784a4c818f67a36f157ff

  • SHA256

    d6fbe0afe56a6f804f8a9d0a3e77937a409f9c15aa04cafc3a8ac308fed7d4e4

  • SHA512

    10407b9cceccdeaa4bb54097723fac28a9a93c00b093bfb4b863e8e3bc2c044665d0fe7c59874ff4d380bfe6bdecda856073f10eed82f06b71284e217c67793c

  • SSDEEP

    393216:xqPnLFXlreQ+DOETgsvfG76gVKPQvEdqzIh4Um:YPLFXNeQ/EJGKBwIo

Malware Config

Targets

    • Target

      kovaaks cracked(run as admin).exe

    • Size

      17.8MB

    • MD5

      910a994f017ceb63838dc14640a808f9

    • SHA1

      8a70d025f36c206ce16784a4c818f67a36f157ff

    • SHA256

      d6fbe0afe56a6f804f8a9d0a3e77937a409f9c15aa04cafc3a8ac308fed7d4e4

    • SHA512

      10407b9cceccdeaa4bb54097723fac28a9a93c00b093bfb4b863e8e3bc2c044665d0fe7c59874ff4d380bfe6bdecda856073f10eed82f06b71284e217c67793c

    • SSDEEP

      393216:xqPnLFXlreQ+DOETgsvfG76gVKPQvEdqzIh4Um:YPLFXNeQ/EJGKBwIo

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      a7c7b0ea0b1afd03681b155047b34c3c

    • SHA1

      30acd77444530dddc079ab740ecd7917f464afbe

    • SHA256

      2494d8018c64e25ea1b1858a21dea451c1c7e18f89195ed8447ca55c1ac43301

    • SHA512

      51d57cb33ba28524103e1e261a05285c45ae506e55f25c0f39ebc3b9a61c4b53c7f4ec91b23660830b8bd15158d4a9fec6d5f72fa4ed4967297bbff5f1ffe1bb

    • SSDEEP

      192:wJsD80tuWdXw4og1ksDJhwvgcxoMdwOM6nw:XEWuQ1kS2vgcxoPww

    Score
    3/10
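The two things a practitioner usually wants to do with a report like this before touching the sample in a debugger are (a) confirm the file on disk is the one the report describes, by recomputing the listed hashes, and (b) check the "UPX packed file" signature statically, which comes down to reading the PE section table. The script below is an added example written for this page, not part of the Triage report or of any tool the report uses. It copies the MD5/SHA1/SHA256 from the General section above as the reference values; the `build_fake_pe` helper and the section names it uses are constructed purely so the parser can be exercised offline. SSDEEP is left out because it needs a non-stdlib library.

```python
"""Offline triage helpers: verify a sample against the hashes in a report and
look for UPX packing by parsing the PE section table. Added example, not part
of the sandbox report; build_fake_pe() only produces a header skeleton for testing."""
import hashlib
import struct
import sys

# Hashes copied from the report's General section for the .exe target.
REPORTED_HASHES = {
    "md5": "910a994f017ceb63838dc14640a808f9",
    "sha1": "8a70d025f36c206ce16784a4c818f67a36f157ff",
    "sha256": "d6fbe0afe56a6f804f8a9d0a3e77937a409f9c15aa04cafc3a8ac308fed7d4e4",
}


def hash_sample(data: bytes) -> dict:
    """Return the digests a sandbox report usually lists (ssdeep omitted: not in stdlib)."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, reported: dict = REPORTED_HASHES) -> bool:
    """True only if every digest the report lists agrees with the bytes on disk."""
    actual = hash_sample(data)
    return all(actual[alg] == digest.lower() for alg, digest in reported.items())


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table, return section names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of the PE signature
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)   # COFF NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)      # COFF SizeOfOptionalHeader
    table = coff + 20 + opt_size   # COFF header is 20 bytes; optional header follows it
    names = []
    for i in range(num_sections):
        entry = table + i * 40          # IMAGE_SECTION_HEADER is 40 bytes, Name is the first 8
        raw = data[entry:entry + 8]
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1(/UPX2) and writes a 'UPX!' marker.
    A modified UPX may rename the sections, so the marker is kept as a second signal."""
    try:
        names = pe_section_names(data)
    except ValueError:
        return False
    return any(n.upper().startswith("UPX") for n in names) or b"UPX!" in data


def build_fake_pe(section_names: list) -> bytes:
    """Constructed, non-runnable PE skeleton for testing the parser: DOS header,
    PE signature, COFF header with no optional header, then the section table."""
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)   # 64 bytes
    coff_header = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    section_table = b"".join(name.ljust(8, b"\0") + b"\0" * 32 for name in section_names)
    return dos_header + b"PE\0\0" + coff_header + section_table


def triage(path: str) -> dict:
    """Everything above, run against one file on disk."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {
        "hashes": hash_sample(data),
        "matches_report": matches_report(data),
        "sections": pe_section_names(data),
        "upx": looks_upx_packed(data),
    }


if __name__ == "__main__":
    for sample_path in sys.argv[1:]:
        print(sample_path, triage(sample_path))
```

Run it as `python triage.py "kovaaks cracked(run as admin).exe"`. If `matches_report` is false, stop: you are not looking at the sample the report analysed. Note that a UPX section-name hit only tells you the outer layer; the `main.pyc` target listed above means there is at least one further layer (a bundled Python payload) under whatever the packer unwraps.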

MITRE ATT&CK Enterprise v15
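Two of the behaviours in the signature list above, "Adds Run key to start application" and "Looks up external IP address via web service", are cheap to detect on an endpoint from Sysmon telemetry (Event ID 13, registry value set, and Event ID 22, DNS query). The script below is an added example written for this page, not part of the report; the events, process GUIDs, paths and the `svc.exe` name are constructed, and the ATT&CK mapping (T1547.001 for Run-key persistence, T1016 for the external-IP lookup) is the editor's, not one the report states. The list of IP-lookup domains is an assumption about what such a service typically is, not something the sandbox run recorded.

```python
"""Detection logic for Run-key persistence and external-IP lookup, run over
constructed Sysmon-style JSON events. Added example; events and mapping are the
editor's, not data from the sandbox run."""
import json
import re

# Constructed events in the shape of Sysmon Event ID 13 (registry value set) and
# Event ID 22 (DNS query). Raw string so JSON receives the doubled backslashes.
SAMPLE_EVENTS = r"""
{"EventID": 13, "ProcessGuid": "{A1}", "Image": "C:\\Users\\victim\\Downloads\\kovaaks cracked(run as admin).exe", "TargetObject": "HKU\\S-1-5-21-111\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater", "Details": "C:\\Users\\victim\\AppData\\Roaming\\svc.exe"}
{"EventID": 22, "ProcessGuid": "{A1}", "Image": "C:\\Users\\victim\\Downloads\\kovaaks cracked(run as admin).exe", "QueryName": "api.ipify.org"}
{"EventID": 13, "ProcessGuid": "{B2}", "Image": "C:\\Windows\\System32\\msiexec.exe", "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SomeApp\\DisplayName", "Details": "SomeApp"}
{"EventID": 22, "ProcessGuid": "{C3}", "Image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "QueryName": "detectportal.firefox.com"}
"""

# Run / RunOnce under any hive (HKLM, HKU\<sid>, HKCU) - the classic autostart location.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE
)

# Assumed list of public "what is my IP" services; extend from your own DNS telemetry.
IP_LOOKUP_DOMAINS = {
    "ipify.org", "ifconfig.me", "icanhazip.com", "ip-api.com",
    "ipinfo.io", "checkip.dyndns.org", "checkip.amazonaws.com",
}


def parse_events(text: str) -> list:
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def is_ip_lookup(query_name: str) -> bool:
    """Match the domain itself or any subdomain of it (api.ipify.org -> ipify.org)."""
    q = query_name.lower().rstrip(".")
    return any(q == d or q.endswith("." + d) for d in IP_LOOKUP_DOMAINS)


def detect(events: list) -> list:
    """Return one finding per matching event, tagged with the ATT&CK technique."""
    findings = []
    for ev in events:
        if ev.get("EventID") == 13 and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            findings.append({
                "technique": "T1547.001",
                "guid": ev["ProcessGuid"], "image": ev["Image"],
                "detail": "{} = {}".format(ev["TargetObject"], ev.get("Details")),
            })
        elif ev.get("EventID") == 22 and is_ip_lookup(ev.get("QueryName", "")):
            findings.append({
                "technique": "T1016",
                "guid": ev["ProcessGuid"], "image": ev["Image"],
                "detail": "DNS query for {}".format(ev["QueryName"]),
            })
    return findings


def correlate(findings: list) -> list:
    """GUIDs of processes that both persisted and looked up their external IP.
    Either alone has benign explanations; together they are a much stronger signal."""
    by_guid = {}
    for f in findings:
        by_guid.setdefault(f["guid"], set()).add(f["technique"])
    return sorted(g for g, techniques in by_guid.items()
                  if {"T1547.001", "T1016"} <= techniques)


if __name__ == "__main__":
    found = detect(parse_events(SAMPLE_EVENTS))
    for f in found:
        print(f["technique"], f["guid"], f["image"], f["detail"])
    print("persist + IP lookup from same process:", correlate(found))
```

On the constructed input the msiexec Uninstall write and the Firefox captive-portal query are ignored, the downloaded executable is flagged twice, and `correlate` reports it because both behaviours come from the same process GUID. In production you would key on ProcessGuid rather than image path, since the persisted copy (`svc.exe` here) will run under a different image next boot.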

Tasks