malware-analysis-writeups/Kovter.md at main · itaymigdal/malware-analysis-writeups
Tags
attack-pattern: Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Powershell - T1059.001 Regsvr32 - T1218.010 Software - T1592.002 Mshta - T1170 Powershell - T1086 Regsvr32 - T1117
Show in Graph
Common Information
Type Value
UUID e2a48c73-6e67-4318-8b97-40a3f50de84f
Fingerprint ac6a5153e19986c9
Analysis status DONE
Considered CTI value 0
Text language
Published Jan. 1, 2022, midnight
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline Kovter
Title malware-analysis-writeups/Kovter.md at main · itaymigdal/malware-analysis-writeups
Detected Hints/Tags/Attributes 35/1/9
Source URLs
Redirection Url
Details Source https://github.com/itaymigdal/malware-analysis-writeups/blob/main/Kovter/Kovter.md
URL Provider
Details Provider Source level domain
Details github.com github.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
kovter.md
Details File 461 
regsvr32.exe
Details File 457 
mshta.exe
Details File 1212 
powershell.exe
Details File 748 
kernel32.dll
Details File 3 
kernel32.exe
Details File 229 
advapi32.dll
Details sha256 1 
40050153dceec2c8fbb1912f8eeabe449d1e265f0c8198008be8b34e5403e731
Details Windows Registry Key 1 
HKCU\software\vmwbcodxx\eznyhwwfez