General

  • Target

    Kunzi.rar

  • Size

    42KB

  • MD5

    b64b6d4604f2853cef225a1f750d8dc2

  • SHA1

    a29a39a05f90348e22ef83b4749b5bfd2243868f

  • SHA256

    cb0c7cc189c3d6e549323887c5baec9cfe91252da69a2aaf3d7dfff07c7f6806

  • SHA512

    037c9ecd08398a2dd6b43d458ec47566b7645761944cdd416942bc4a37caea978dd109f35c15c8acdb2c8018bf126320971f771cdb3437baf0266a561a397bef

  • SSDEEP

    768:WLPecqERMFUzBeN7dAL1X2zJZfMV9vZTNTQVVyLDuqlqdFCJ7pm6XlaphdI:WahLFwBeNgXVBEfauqlqdMScanC

Score
10/10

Malware Config

Extracted

Family

xworm

C2

defined-literary.gl.at.ply.gg:39055

Attributes
  • Install_directory

    %LocalAppData%

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Kunzi.rar
    .rar
  • Kunzi/Kunzi.sys
  • Kunzi/KunziSpoofer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

