Overview

overview

10

Static

static

7

AMI/AFUWINx64.exe

windows7-x64

1

AMI/AFUWINx64.exe

windows10-2004-x64

1

AMI/AMIDEWINx64.exe

windows7-x64

1

AMI/AMIDEWINx64.exe

windows10-2004-x64

1

AMI/USB/ChgLogo.dll

windows7-x64

1

AMI/USB/ChgLogo.dll

windows10-2004-x64

1

AMI/USB/Compress.dll

windows7-x64

1

AMI/USB/Compress.dll

windows10-2004-x64

1

AMI/USB/afuefix64.dll

windows7-x64

1

AMI/USB/afuefix64.dll

windows10-2004-x64

1

AMI/USB/am...64.dll

windows7-x64

1

AMI/USB/am...64.dll

windows10-2004-x64

1

AMI/USB/ef...64.dll

windows7-x64

1

AMI/USB/ef...64.dll

windows10-2004-x64

1

AMI/USB/flash2.dll

windows7-x64

1

AMI/USB/flash2.dll

windows10-2004-x64

1

AMI/USB/logo.vbs

windows7-x64

1

AMI/USB/logo.vbs

windows10-2004-x64

1

AMI/amifldrv64.sys

windows7-x64

1

AMI/amifldrv64.sys

windows10-2004-x64

1

AMI/amigendrv64.sys

windows10-2004-x64

1

CLEANERS/1.bat

windows7-x64

1

CLEANERS/1.bat

windows10-2004-x64

1

CLEANERS/2.bat

windows7-x64

7

CLEANERS/2.bat

windows10-2004-x64

5

CLEANERS/3.bat

windows7-x64

10

CLEANERS/3.bat

windows10-2004-x64

10

CLEANERS/4.exe

windows7-x64

9

CLEANERS/4.exe

windows10-2004-x64

9

NETWORK/MAC.bat

windows7-x64

3

NETWORK/MAC.bat

windows10-2004-x64

3

SID/SIDCHG64.exe

windows7-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Kainite Perm.7z

  • Size

    20.1MB

  • MD5

    5cce847b08e6e2e4b8042dc190a4f899

  • SHA1

    db9fc33b75fe7d002780b7ef0a1fdf72b7d8a142

  • SHA256

    e462f6beec3a05d44ce85098995017613dfbb9eb24a7eb501d9e614fdc51dfd5

  • SHA512

    60847f65b952f82d2e4d96a72aaba4f4991498982e4c3408e7c693fb3e342ec1fdb35238a31e7758b27f2a7c41b962d238f44e899b86d15cdcaef62ef2a9d1a9

  • SSDEEP

    393216:RCw8GVWjwqzpPQBa97/CLS0VyRc9ULdkHuk9kae+2ner:Qw8OWXdMa9B0VOaUL6u5/er

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • Kainite Perm.7z
    .7z
  • AMI/AFUWINx64.exe
    .exe windows:6 windows x64 arch:x64

    23b668bdb5eb734bf2774bb8d453f9c5


    Headers

    Imports

    Sections

  • AMI/AMIDEWINx64.EXE
    .exe windows:6 windows x64 arch:x64

    272dae991c0311688a7a20faa5468b8e


    Headers

    Imports

    Sections

  • AMI/BIOS.rom
  • AMI/USB/ChgLogo.efi
    .dll windows:0 windows x64 arch:x64


    Headers

    Sections

  • AMI/USB/Compress.efi
    .dll windows:0 windows x64 arch:x64


    Headers

    Sections

  • AMI/USB/afuefix64.efi
    .dll windows:0 windows x64 arch:x64


    Headers

    Sections

  • AMI/USB/amideefix64.efi
    .dll windows:0 windows x64 arch:x64


    Headers

    Sections

  • AMI/USB/efi/boot/BOOTX64.efi
    .dll windows:0 windows x64 arch:x64


    Headers

    Sections

  • AMI/USB/efi/boot/startup.nsh
  • AMI/USB/flash2.efi
    .dll windows:0 windows x64 arch:x64


    Headers

    Sections

  • AMI/USB/imageM1U.ROM
  • AMI/USB/logo.nsh
    .vbs
  • AMI/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    b05ee5c816a30bc52378c759486af0b9


    Code Sign

    Headers

    Imports

    Sections

  • AMI/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64

    35ce4f00ca063f6bffa0759d88c3a148


    Code Sign

    Headers

    Imports

    Sections

  • CLEANERS/1.bat
  • CLEANERS/2.bat
  • CLEANERS/3.bat
    .bat .vbs
  • CLEANERS/4.exe
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections

  • NETWORK/MAC.bat
  • README.txt
  • SID/SIDCHG64.exe
    .exe windows:5 windows x64 arch:x64

    d785b34347fd49d2db0e5be38b607572


    Code Sign

    Headers

    Imports

    Sections

  • Unban.bat
  • VOLUME/Volumeid.exe
    .exe windows:5 windows x86 arch:x86

    196b8047c609ccadce7fd294c9a3e6a2


    Code Sign

    Headers

    Imports

    Sections

  • VOLUME/Volumeid64.exe
    .exe windows:5 windows x64 arch:x64

    735aed1002ee8ff1be0e1dee668e8b0d


    Code Sign

    Headers

    Imports

    Sections

  • randstr.bat