General
Target: Lowkey Cracked_ BYKali.zip
Size: 6.2MB
Sample: 240701-ddyc3atfqg
MD5: f282376252a6a5c99faf96f0a1418201
SHA1: 719700bf55be12e04f74a9a9390b113a95b0ce03
SHA256: 178d950e74dce8c1728c3b64614b775710f2dbdd72777358c5ceee81af0586f0
SHA512: 8ff256112108bf7965c7fbbf43de71712573bb41334d40596134ff9a495b4ae731d559d7d37d34b5cfa800e82003d87d2ba20caa3f2cade66192d1a354389df2
SSDEEP: 196608:+bL/0PD55fyGV3PlWAbPQIkvZY2+Ja56H:+X8tVyYNhbPCmtJCO

Behavioral tasks
behavioral1: Lowkey Cracked_ BYKali.zip (resource: win7-20240611-en)
behavioral2: Lowkey Cracked_ BYKali.zip (resource: win10v2004-20240508-en)
behavioral3: Lowkey Cracked_ BYKali/Loader_protected.exe (resource: win7-20240611-en)
behavioral4: Lowkey Cracked_ BYKali/Loader_protected.exe (resource: win10v2004-20240611-en)
behavioral5: Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe (resource: win7-20240508-en)
behavioral6: Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe (resource: win10v2004-20240508-en)
behavioral7: Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe (resource: win7-20240508-en)
behavioral8: Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe (resource: win10v2004-20240611-en)
behavioral9: Lowkey Cracked_ BYKali/Wifi & Bluetooth disabler/Disabler_Run_Admin.bat (resource: win7-20240508-en)
behavioral10: Lowkey Cracked_ BYKali/Wifi & Bluetooth disabler/Disabler_Run_Admin.bat (resource: win10v2004-20240611-en)
behavioral11: Lowkey Cracked_ BYKali/last_login.txt (resource: win7-20240221-en)
behavioral12: Lowkey Cracked_ BYKali/last_login.txt (resource: win10v2004-20240611-en)
behavioral13: Lowkey Cracked_ BYKali/libcurl.dll (resource: win7-20240419-en)
behavioral14: Lowkey Cracked_ BYKali/libcurl.dll (resource: win10v2004-20240611-en)
behavioral15: Lowkey Cracked_ BYKali/lowkey-spoofer-fixed.1337 (resource: win7-20240611-en)
behavioral16: Lowkey Cracked_ BYKali/lowkey-spoofer-fixed.1337 (resource: win10v2004-20240508-en)
behavioral17: Lowkey Cracked_ BYKali/zlib1.dll (resource: win7-20240220-en)
behavioral18: Lowkey Cracked_ BYKali/zlib1.dll (resource: win10v2004-20240226-en)

Malware Config
Targets

Target: Lowkey Cracked_ BYKali.zip
Size: 6.2MB
Score: 1/10

Target: Lowkey Cracked_ BYKali/Loader_protected.exe
Size: 5.4MB
Score: 7/10

Target: Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe
Size: 1.4MB
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory

Target: Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe
Size: 198KB
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory

Target: Lowkey Cracked_ BYKali/Wifi & Bluetooth disabler/Disabler_Run_Admin.bat
Size: 1001B
Score: 1/10

Target: Lowkey Cracked_ BYKali/last_login.txt
Size: 19B
Score: 1/10

Target: Lowkey Cracked_ BYKali/libcurl.dll
Size: 497KB
Score: 1/10

Target: Lowkey Cracked_ BYKali/lowkey-spoofer-fixed.1337
Size: 1KB
Score: 3/10

Target: Lowkey Cracked_ BYKali/zlib1.dll
Size: 85KB
Score: 1/10

MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Scheduled Task/Job (2)
    Scheduled Task (2)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Scheduled Task/Job (2)
    Scheduled Task (2)