| Name | 179fe77fdc79fdc8_httpserver.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HttpServer.dll |
| Size | 84.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 3967ffff98451f858c01d689f9416034 |
| SHA1 | 7cc7caf4e22d74aa02dd90121c80f200cf8ccedf |
| SHA256 | 179fe77fdc79fdc86359c4f3a5ca5249ccc053ff22b357095fba017424296337 |
| CRC32 | B0D5103F |
| ssdeep | 1536:ozGhViFsFyI/My45VH03sqImkWHfd6J2ZyceThGr9tLRM:gUIB7gHIJb7ThGxJRM |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 27f0b47f7598adf2_swashbuckle.aspnetcore.swagger.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swashbuckle.AspNetCore.Swagger.dll |
| Size | 17.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | c2324670d2eb903b4b355438e80e8eee |
| SHA1 | aefc453d61943f9fbbc5d6a451a4e3821f205fb5 |
| SHA256 | 27f0b47f7598adf2ada4e6e520023b8db9df09e15015c026541147ca31e38d30 |
| CRC32 | 73DEC5DE |
| ssdeep | 384:tAQjVhw0UAYMM6P4ys7uB9AQNa62Vg5l+61:U0UAo6UuMZgSM |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4dca05a218e86d0a_kkmagent.application |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMAgent.application |
| Size | 2.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators |
| MD5 | 0b1ba57656cbfadc1f1556ed4e196a8b |
| SHA1 | 4ef1975eedc7b5903f139b52bdaba4707912de00 |
| SHA256 | 4dca05a218e86d0a676c1ced47b37677e3a10dd7b7c88e55b59f2a367ac4667a |
| CRC32 | 46E9A11E |
| ssdeep | 48:3B9oLwOw8jZcTF2gatb8onTgTFNQgXn6N0kkQdEhWTw:xWLwO9ZcTatb8oUTTLSk9J |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a331b3c59df83444_htmlagilitypack.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HtmlAgilityPack.xml |
| Size | 169.1KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | bcd76d744edd5faa1062f7e41b86f467 |
| SHA1 | f520139a8ccc2c62e8bafb019279a4f37787432c |
| SHA256 | a331b3c59df834444f608ac62f9ba4fb9938c7e5f989fe4571c26a30df6074ad |
| CRC32 | 21E981CB |
| ssdeep | 768:k89NigjbzmiP+x9qLcIfinUY6LUznShCEFrs1eZ9t5CRBUmwxYIYusFlQ5DQJFLj:j9NiQuo+xzVymIsFlQ6zBoa0vtgVLu4V |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | aaa1e41cf26231cb_autoupdater.net.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\AutoUpdater.NET.pdb |
| Size | 67.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MSVC program database ver 7.00, 512*135 bytes |
| MD5 | 0fc7a9e0dd8a6a449266723a92df3ada |
| SHA1 | c54aebd96d6341face7de7fecf03ef84c6ad3997 |
| SHA256 | aaa1e41cf26231cbd02a63fc86bca4c68fe9485d156e6556960284ff96ccbc97 |
| CRC32 | 6AF02B2D |
| ssdeep | 768:g73QS6r5rBf3/EvSFKHquulZlFHAFPlH1g/dWziK5x4:gbQSaXf39BbqFR1emc |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7e563cbf11d1fbf8_dualconnector.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\DualConnector.dll |
| Size | 110.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 3f58bddae90e15f1fa267fddf7902d99 |
| SHA1 | 0dd80152d5871f73219a54f73fb60321e91bf7a2 |
| SHA256 | 7e563cbf11d1fbf882ef2a26ae34b5029231c129bd32926b9a509ba94d577ebe |
| CRC32 | F99A5E7F |
| ssdeep | 3072:khRrCH4WItKl+ubqNGp/6Kr4xnRj/LW+YEHQvc6i:AQ4WIMBBpjEzjiZ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 88ef8a3ae743cda2_httpserver.lib |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HttpServer.lib |
| Size | 1.9KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | current ar archive |
| MD5 | dfe3cf5be9f5ca24ca8e852a54c9904b |
| SHA1 | 8f26840d433929d811fe2e24e0e246e0fad6cd32 |
| SHA256 | 88ef8a3ae743cda27d3af2fe100e053ba8273d05fc6146ee66a0b56f1964631f |
| CRC32 | 4CDE444C |
| ssdeep | 24:k/XBQQaXBqUBQvM22XPwx/HKw7O+yAOJsBQQmLPvgHKl8yhdXhLHKVD88S1:kJaX+M28PU/Kw/yAOJemLH8K/BhzKdP6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 36f1e041954de9ac_kkmagent.exe.config |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMAgent.exe.config |
| Size | 6.9KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | 660e547f3981c5a3e677335f951ec852 |
| SHA1 | fe766d3b216c60bfe0b0d1b78bb9bc20d32e8929 |
| SHA256 | 36f1e041954de9ac06d1c087920453c85591d0c680065e00c7dc23628c4da284 |
| CRC32 | 8C9D4228 |
| ssdeep | 192:ur7d7kr0Z/81LuKY/Rh2KS/pv7sJ+J/qJvS:uXd7fRKY/oSS |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1efe2fff740d2554_eac_39.png |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Resources\eac_39.png |
| Size | 162.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PNG image data, 39 x 39, 1-bit colormap, non-interlaced |
| MD5 | cc811d0b8662be79f86626f13e648054 |
| SHA1 | 3bbce8782bdbc28aef9a8ab6fba98708b628b265 |
| SHA256 | 1efe2fff740d25542a6a1a5b5b482580e6650e8a374184107ca404abd954d08b |
| CRC32 | FBB13EC8 |
| ssdeep | 3:yionv//thPlzT3/iLts7CX9/rIoaIinbBhkx92G1ulsK8GnI2O/GC//sup:6v/lhPB3/iR/BIoaIinFhw26qsK8OjCd |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3a7208090b0b0ea9_libcrypto-3.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\libcrypto-3.dll |
| Size | 3.6MB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386, for MS Windows |
| MD5 | 1df53284137a1378c88df6c81161cb8a |
| SHA1 | 52b403c447d4c143e2b952251177a40d669f4db1 |
| SHA256 | 3a7208090b0b0ea9dbd3cede9d3b2b7df592b802e63ad539f1dec6b8f4160db3 |
| CRC32 | 6D838898 |
| ssdeep | 49152:vHCsdch+cCmgJELUdtM5ydFbPChSWiTUw7uRiy2URWPB+loUJXQQgMsLUvc6CCNz:fCsuc3Akzn+o1CPwDvt3uF+DC0c |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | aeecfa60db32dbcf_microsoft.openapi.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Microsoft.OpenApi.dll |
| Size | 227.9KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 199ed9f71efd9de21fa652924f1544cf |
| SHA1 | 6634f1e3b374e800beb7e78fa1c910b9d1f183ef |
| SHA256 | aeecfa60db32dbcfac06bceb835745951c88fcac194a84b2d0fe61893d1b7c07 |
| CRC32 | BD50A085 |
| ssdeep | 6144:FqXecJCJuSnTVfn4bwTNOEyzVOw+p1+qAh:bcJC9nTVfn4cTNiR6Ah |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f3c56166d7f90296_newtonsoft.json.bson.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Newtonsoft.Json.Bson.dll |
| Size | 95.4KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 46944e52dbb2982ea49a297902b91ea8 |
| SHA1 | 0ed43a73f49e0df7b2fa681a627cad7e25074165 |
| SHA256 | f3c56166d7f90296bbe6b03f64335623c3165ed25948288f1f316fa74dd8327f |
| CRC32 | 96EC1A25 |
| ssdeep | 1536:pLYHa6RMWseWPKMF5us3wuhZrGpeZknuNvAY1MYgI518gcabQN4Fw/rKIWK+2Gi:qNWHss3Dupe2/gMYgI6aQNoKN |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 0f2b1c726e47166c_autoupdater.net.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\AutoUpdater.NET.dll |
| Size | 416.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 4919c59e98c927eb902a9370a45e71b8 |
| SHA1 | 4c08f77658d33e5aec0c8873f02779a87ed09334 |
| SHA256 | 0f2b1c726e47166cfe30f0edbd0939b3723bf3e63fc4dd9d8d178d85a4bcc72f |
| CRC32 | FF895385 |
| ssdeep | 6144:/P1vaSlxihxLdFyjg6jTdL22hR+AKPQj7EvH7lf3J5iqXPpe:X1vaQiZFb6jTZ2 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 72d73bd7b14df1bc_swagger.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swagger.pdb |
| Size | 22.6KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | Microsoft Rosyln C# debugging symbols version 1.0 |
| MD5 | 913dcf9791a1b12d336b0dd81878ad82 |
| SHA1 | fa4b88b3f8bb5d6ca3ddf3b4e141410d8004aabe |
| SHA256 | 72d73bd7b14df1bc4d0536b0f4c0346a9fd117fa1634479c63f128062e511505 |
| CRC32 | FF8EF96F |
| ssdeep | 384:gOqcGdOrXG6bqEaFHzUBXE2XlwTRao7Yg8YWV9xd+fZQUsuVgJRsEHguoDHHfBb9:5qcGdcXG6bqEOHgBXF9r6Qd8og0fg |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 52a51b5ce60eaf0d_swagger.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swagger.dll |
| Size | 12.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | d524fbc2aabd58fc7cd1b30ea3035915 |
| SHA1 | 3bf507c7438798366876c6138a09928ee5b5704e |
| SHA256 | 52a51b5ce60eaf0db6d03b3840b6d3433cc8f3e318337ba083c92d296aafc207 |
| CRC32 | 375750F2 |
| ssdeep | 192:ufEzD8JstCq7HI0kSjnFlnemuwn/1e1xX0j6EOx5P3wNd8bvZFkPLD:uf0D8JsoqzI0kSjF5emuGno13wNd8eL |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a6892c5e69b8a065_sushkofwin32lib.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\SushkofWin32Lib.dll |
| Size | 114.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 0b9e4c34c99e2f32038ac34dbb96fad6 |
| SHA1 | 74bbf0785188f503ab3eede2e67140557576ae72 |
| SHA256 | a6892c5e69b8a065ad47331b5397b17be4c39a2a01dd3002db1c5e0cb84407a6 |
| CRC32 | 3625A57B |
| ssdeep | 3072:XsbG68F57MShyen3ezvM593MgqBI1t3HhML1SIF7VA:XK4F9R4U598gqWLuSIF7e |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 561acfe4b1a14c83_qrcoder.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\QRCoder.dll |
| Size | 141.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 7e189090d52fec41c0c87657bdfc18c3 |
| SHA1 | 8ef2b8f984216a04769bb4f99f936961c46196a5 |
| SHA256 | 561acfe4b1a14c837b189fb9fc5c6d3e82440184bbde61912de723d62d6368b3 |
| CRC32 | 67CE10B1 |
| ssdeep | 3072:E4wM6OoRu7qywKsqxhDuPr5xJMnOfMAw3TkHjt0QQNOWIkHUsz72ot:E4wZywKn/U5xEwKIk0W |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 79ee87d4ede87834_newtonsoft.json.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Newtonsoft.Json.xml |
| Size | 696.8KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators |
| MD5 | d398ffe9fdac6a53a8d8bb26f29bbb3c |
| SHA1 | bffceebb85ca40809e8bcf5941571858e0e0cb31 |
| SHA256 | 79ee87d4ede8783461de05b93379d576f6e8575d4ab49359f15897a854b643c4 |
| CRC32 | 9D9C6F75 |
| ssdeep | 6144:XqqU+k/Rik5aG0rH3jGHdl0/IdHXpgVIeR0R+CRFo9TA82m5Kj+sJjoqoyO185QA:DU1 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e748211bf910b584_cliche-jm.png |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Resources\cliche-jm.png |
| Size | 1.8KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PNG image data, 164 x 101, 8-bit/color RGBA, non-interlaced |
| MD5 | d9cda93b45348de09e70fe35dcd8c6e9 |
| SHA1 | ee391652cd876d45e9413293d0005b8eb9bb4fc6 |
| SHA256 | e748211bf910b584399c85ed420300b082e3d773e026e5ad305cb092bd9e6818 |
| CRC32 | F5D3E1C4 |
| ssdeep | 24:VHKmgEt0mu9yhF7cF7c5q1zTIFY4geLIaJE+5KfDkFeCv1YFOIxz+2ok+FpjtRms:JK7sRnRnF/LISYC9hIwkWTRcLKEw1sy |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 52b0e96002932b5c_httpserver.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HttpServer.pdb |
| Size | 2.1MB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MSVC program database ver 7.00, 4096*535 bytes |
| MD5 | c83ce984acb81e0dc113c2d72912befa |
| SHA1 | b1fc2199dd1b00b3d4d6cd298048022c06a3d00b |
| SHA256 | 52b0e96002932b5c276ac3932dac468b9fbb06d539a28f8b8cf13cc147f33b4c |
| CRC32 | FCCDC8CD |
| ssdeep | 49152:XSCUiXhJg6OzEpFLLw8j/Lob9cBqzHMmWZz/jyauSf/2dpfkiCOCAkG+o5x7ArT0:iCUiXhJg6OzEpFLLw |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d3f7acb36193a434_rabbitmq.client.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\RabbitMQ.Client.pdb |
| Size | 209.3KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | Microsoft Rosyln C# debugging symbols version 1.0 |
| MD5 | 53189a14174a80be57908c764612a0c6 |
| SHA1 | bc2fa4544abd52197bf55f05b42e641cf31aef06 |
| SHA256 | d3f7acb36193a43420a585cd70d11eff1a03a1a67ba78887d3b3b0a100bc0b84 |
| CRC32 | 15429640 |
| ssdeep | 3072:feQKNrMrbPn0/W6oBAMq+Bslr8Aa/kKKKDhZz2pz/JpOZcX62x9:feQ8raIWJB59slr8pkKKshZiJ5z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 95fe9d92512ff231_nsprocess.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\nsxC158.tmp\nsProcess.dll |
| Size | 4.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 05450face243b3a7472407b999b03a72 |
| SHA1 | ffd88af2e338ae606c444390f7eaaf5f4aef2cd9 |
| SHA256 | 95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89 |
| CRC32 | 7F5B79E7 |
| ssdeep | 48:SKgfJzwtr95f5wiXnfkm4ZixVWmWDYWWDYvt6ENGAa4GW6ENcuHdtjq6vo:hZ9Htnfd/xVJ3W3V6aQ4GW6azdtj |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ba522b6bd6370060_autoupdater.net.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\AutoUpdater.NET.xml |
| Size | 31.2KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 74f97878006f15d754478952d084d1db |
| SHA1 | 404f76c04916ba154cd1b3dec40d97ff49e62bc2 |
| SHA256 | ba522b6bd6370060282f86c2b760a04fb763055738e60a7ff452fc820b55730c |
| CRC32 | 0419FD7A |
| ssdeep | 384:m3aS5+mVo0bX9YtT7m/WOQkT5z3KgdQGQcf74uoMulY4:o+eSm/YktsGq |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 05a0188d9e87bc62_swagger.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swagger.xml |
| Size | 7.4KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | 5dd8d4cc97708b1e194e87aa16a23072 |
| SHA1 | 99a2a6030ae939d6fb9a1ec62925ccf4df49b765 |
| SHA256 | 05a0188d9e87bc620853aa760853d9aae85f2ee9c204867c3d8b766df941e32c |
| CRC32 | 627CC916 |
| ssdeep | 48:bWygjKHwlJtBaFMdOIQyS1jIwI8eQrLXjvXjBhNw8rzt5lp7h5QcBamWWdrqWivy:bO2QfhO3ySJImbbBztN9phFDnJ2ufB |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1184a96adb9d5183_kkmcommon.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\KKMCommon.xml |
| Size | 8.9KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | 2254293c72ae357263e7ec68b3bf321d |
| SHA1 | 4917b88e8a07d124b32504de19f4160666b94273 |
| SHA256 | 1184a96adb9d51836b39fc687c6fa8a6cd44ceeff65ea5951a1ee6854e6bdbd3 |
| CRC32 | 1BFBB74A |
| ssdeep | 96:9II0gCXId15N7AwrdEvKqrvTGN8xFhm1O69JIzjI7cIOSY8:f0C1ztrKvKkvTvZm1T9mzjOO0 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3fa090a372292775_xml-kz.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Resources\xml-kz.xml |
| Size | 3.1KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | exported SGML document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | 3f95090534c18f6094a4033e1033d84c |
| SHA1 | 315cf10df06e373791e6b803fe8e7db991754863 |
| SHA256 | 3fa090a372292775998a53c2cc50035cc1081842090dfeba8a5d43275b62dddc |
| CRC32 | B5E8EEC9 |
| ssdeep | 48:3CedAMHOMu+O4e3Halx3l2xx0tHJ1RxXeQeQmQiyc5F9Z5LCWawxVTdxISKHB:NHQ4CaI61fN9Vdk41B |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9eb1255d7601626a_kkmcommon.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\KKMCommon.dll |
| Size | 56.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 42813b472279298a39ee42d2ad899f33 |
| SHA1 | 5b4a9e5adc7a8633e851673a35abde1c3ece67a6 |
| SHA256 | 9eb1255d7601626ac4b96110542bc1b620430eecaad12f75d3eebba0fbd9827f |
| CRC32 | BFBAFF17 |
| ssdeep | 1536:LrTTIp8pQhstl/7uIooLET07GFFlFYDp:r0epQhoLs072FzYd |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 30a224532690853e_microsoft.diagnostics.tracing.eventsource.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Microsoft.Diagnostics.Tracing.EventSource.xml |
| Size | 198.6KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | fef03afb20872134b52dba3174d99a1d |
| SHA1 | 317e17a2934fc68bec6acd16a3a39205281fa637 |
| SHA256 | 30a224532690853eb416ce1a41b90247f33d969c992db463cc39d3e24a19c103 |
| CRC32 | 9CCD8008 |
| ssdeep | 1536:6aLUe6tqXtV2K+K5gQGAuLFu8C+cg8jtmTJ/fU:6aLP6tqXHX+KqMuLFuQcg2tmTJ/fU |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d9b162e86f925e12_dualconnector.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\DualConnector.xml |
| Size | 484.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 96af15b3ec960233866b7589c340f890 |
| SHA1 | de43739c264dec0cd7ff958403ed9492a1cb97bd |
| SHA256 | d9b162e86f925e123f6be24c7a66d8649b5956d6310b0f6527fb7687aa6705c4 |
| CRC32 | 79A716D0 |
| ssdeep | 12:w8IkRKbIhysz01rmN5ggvb1UbaJo9stPt8XFAyae:wHKK5Fh2vbSbgoOtUDf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | aa474e0e9be665f2_nlog.config |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\NLog.config |
| Size | 887.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 8c6a2547d1f701d2ea2e717d0e232eb8 |
| SHA1 | 11581190da4311f9174071ad54ad1260e76c008f |
| SHA256 | aa474e0e9be665f2c008cb704086e8f712c349b585208be9e9aa6ece05ac6e60 |
| CRC32 | 80622398 |
| ssdeep | 24:JdNQjY8lcqD9AwKP950vau1rMPNqrM4VHr:3b8i49AwKPW/WN4MaHr |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9c1d6b531e0ee905_rabbitmq.client.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\RabbitMQ.Client.dll |
| Size | 273.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 5477f26fc30271354c594fd156a6c53f |
| SHA1 | e163fec209e3b12df34745f59bbee6f16dc4c0db |
| SHA256 | 9c1d6b531e0ee905f5a66e792adc7dead9fc46590ad9d9a8cc955fc9d821c678 |
| CRC32 | 314D3E30 |
| ssdeep | 6144:W7fI1XlicxFJIbYlAdOcY6KtMQA8aDwYYdO4:mfIOctKoM7DF |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | e2c09c4d785b091c_kkmagent.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMAgent.pdb |
| Size | 99.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MSVC program database ver 7.00, 512*199 bytes |
| MD5 | 83694ca106a9a2cb0b761177bc0a6686 |
| SHA1 | 4a095835f82fd54f054b287f93f330a23bc1cc8c |
| SHA256 | e2c09c4d785b091c07fc81be9e027375184d3ebc38d23ac25e6adf64c66cff42 |
| CRC32 | 4FB986DF |
| ssdeep | 1536:5kJk60/nR7UFfXFmdkJBXm9ZSn7eMnnm2Hmsc4Y:TRYtmNqPnl |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 82b51f03f61640f8_kkmagent.lnk |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avermaster\KKMAgent.lnk |
| Size | 935.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Fri Jul 12 01:50:04 2024, mtime=Sun Jul 14 22:37:50 2024, atime=Fri Jul 12 01:50:04 2024, length=103936, window=hide |
| MD5 | 443624b9c60498a155ef5ec07ca3d0c2 |
| SHA1 | 30dd16f39e0956e103e1b4693260b6f39eef272a |
| SHA256 | 82b51f03f61640f8e745ebf8d2992bea8eae95a78d104d2d04e12a50a680ebf8 |
| CRC32 | 30454FCE |
| ssdeep | 12:8mE6sk64cZCrR8EvSElovSLe/+X8bJljRDzRkd4izCCOLAHfkbjI/MJSjfg9:8mykHsERdU0e2sbRSJzNmnhGfK |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6d73cb2cc14612dd_swashbuckle.aspnetcore.swaggergen.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swashbuckle.AspNetCore.SwaggerGen.dll |
| Size | 105.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 7ad95b73ce4f65b7686fbfaddb23ccb9 |
| SHA1 | 75c87f5ae1bf4bfd4b58063c687a200b9d3dcf18 |
| SHA256 | 6d73cb2cc14612dd02de52f8a29bd1db4cb312f76f1cec2e62f617aece08bb86 |
| CRC32 | 99EA00CA |
| ssdeep | 1536:xnNPAaE6Hpx7akZYxtUh8b+QIOmeNFfg30aFz6iDObjHGcu:xnJAaEIsTyQVmYF65z6iDOdu |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | fb5ed2cb9fdd10a1_swashbuckle.aspnetcore.newtonsoft.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swashbuckle.AspNetCore.Newtonsoft.dll |
| Size | 15.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 191a886d851eaedcafbcc9c89bd05eeb |
| SHA1 | 029d2d76a0f8bf31d2486ba5b977ba4d687b9a74 |
| SHA256 | fb5ed2cb9fdd10a17e6c3feb8092a55b52776662cae911e7737527a43eb8925c |
| CRC32 | 34A5A01C |
| ssdeep | 192:g6Ntx/iMnkPKACOKeE9vgjpOpTmbGmtXw4MIE5pkw/sCtNf0JZ1Z4g9GdvCVwFbZ:Z4COaGuyKmth0TtKTmIGdTW |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 9915eb5ffdeffd6d_managedopenssl.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\ManagedOpenSsl.dll |
| Size | 142.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | e74b45510cf9c1beb5563f89c5a48b5c |
| SHA1 | 442e709ee8903219765f0a769a4de7876b329c8b |
| SHA256 | 9915eb5ffdeffd6d704f146a6c373f9563968b62b72a3d26afd6babaa605d55c |
| CRC32 | CA7C8B3A |
| ssdeep | 3072:zFlafpcRurmI1JrOOEL4/wHuheEKY5ok5VODKEMgka/H+:D1I1yM/e5GjEMy |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 29d3a32476a25817_nlog.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\NLog.dll |
| Size | 831.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | fdcaf6060e7644dbaa96ecfe59c0eacb |
| SHA1 | a8ed5031b70ac682ea850abee07c4f436259cf88 |
| SHA256 | 29d3a32476a25817f80d64d64bed42d9e0eafa1adf2687cbb51dca12c27503f3 |
| CRC32 | FE2E875D |
| ssdeep | 24576:HTXSPAXm3Qn63VZDoW7LMGagBKBxEwdodU59bI:zXSPAXm3Qn63VZtNA59b |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2b5e0e7683f0c79f_rabbitmq.client.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\RabbitMQ.Client.xml |
| Size | 345.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text |
| MD5 | d088bf0a35bcafe7cbedd99e96d43174 |
| SHA1 | 77c66674ae59ab1410624f860480fa072e3a2144 |
| SHA256 | 2b5e0e7683f0c79fa1e1b554b74048379a730a0e79c01657848d127fb28fcf9d |
| CRC32 | 396DDC6F |
| ssdeep | 6144:B6htiEpVGrMOCzcQ/9Wsc0ZAHjZ+cirHxZeK65tW5vHz2:QHO |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_nshC0AB.tmp
Empty file or file not found
|
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\nshC0AB.tmp |
| Size | 0.0B |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 53af86ff24ff0cfb_htmlagilitypack.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HtmlAgilityPack.pdb |
| Size | 315.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MSVC program database ver 7.00, 512*631 bytes |
| MD5 | b85a25098d291992af5cc4a5bbfaff98 |
| SHA1 | 48fafbf8a032bff35af481fe213e470f5ba9fe8b |
| SHA256 | 53af86ff24ff0cfb131ba6aaf96a6ca6fb07985e1e8b4f3d18ff21036e970150 |
| CRC32 | C9AEC3C1 |
| ssdeep | 3072:oHKnQvj9FprXjXt09WlZV9Tx3j0FGk6DmGXlwAfU1siX:o5HTLLV99Jk6DmGXlwAfU1si |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f9836c19b5558343_microsoft.diagnostics.tracing.eventsource.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Microsoft.Diagnostics.Tracing.EventSource.dll |
| Size | 166.8KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | ad9250c9725e55e11729256336accd56 |
| SHA1 | 793fe7f04a7b39aa88ebf77deb9cf896d5136f68 |
| SHA256 | f9836c19b55583433141cbc1ae4542e65919abb0753e806b29740a732526b685 |
| CRC32 | 8D2CA2B4 |
| ssdeep | 3072:CV7Uuhwv/apbC9vLBc2Tgy5isJ9hQlINH7LtuVvEvM:85o/apbkvLXgkr7p7ZlM |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | deaf74a744649fc0_nlog.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\NLog.xml |
| Size | 1.5MB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators |
| MD5 | 31b584f35999fd7228cc0851ad1b16b8 |
| SHA1 | 3e667b1b49343b997274146214ed66463f9fd6d6 |
| SHA256 | deaf74a744649fc05445a073b7fcac0637797a89f71ec651753035179046421c |
| CRC32 | F448DE5C |
| ssdeep | 6144:5bDtZQq9knLoF0g5I4tJegu7awFIQa2cqo/qDhITMpc+Kz+5X:1WLoIIeg2l |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d6874048e16b2dee_kkmcommon.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMCommon.pdb |
| Size | 169.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MSVC program database ver 7.00, 512*339 bytes |
| MD5 | acec68a884488774e7ac8c5070b91d01 |
| SHA1 | 1145c8f84bd662dec607f844acfd28f4ce8ca4b8 |
| SHA256 | d6874048e16b2dee10a8d274b76777b4022eaf60de477e94cff285ca4eff150a |
| CRC32 | CAF23B2B |
| ssdeep | 1536:aJqH/sM0nSkpuNZ85G0xgL4RVsxv8O/vtCY0mvOcDNwuNKCu5ste2rpMOmdTzIxt:x0SkkK8Pd/vkEvOccCS2rpMdtz |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3723f1c3b689150f_httpserver.exp |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HttpServer.exp |
| Size | 872.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | Intel 80386 COFF object file, not stripped, 2 sections, symbol offset=0x26b, 12 symbols |
| MD5 | 886d41b5e8967bbf4cdfe11205dc032a |
| SHA1 | 8a012f7e8a314e2889c0fb45c0cd0ea8b819203e |
| SHA256 | 3723f1c3b689150f5c225a4fee9ed01c5bfa1504f15a2654c0cd3cd2a9e2f94b |
| CRC32 | 3B3A2250 |
| ssdeep | 24:7ei6lPv0qKdt4m+PEBDXpRwx2xu3g41F/u6y:aLX0qKdO5Ph2xuQ41F/u6y |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b7b1535f6c7bc044_kkmagent.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMAgent.exe |
| Size | 101.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | d91a0690e171fb98a798b70e1561a8ec |
| SHA1 | ffeac2eff14fbd5a19736ae3a2323ee82c40a9ca |
| SHA256 | b7b1535f6c7bc044e86090915ecff230e2e661cdb55d8ee5ab23c211b3153ca5 |
| CRC32 | 26BBCA7B |
| ssdeep | 1536:DC+xBNKsFfzVkNFY5NKNQbjjNcHmGemi57FWQ4PR2aAiwjGB07dQ4+:DC+xrVWNmPbsmGemi574Q4Z3KicQ4+ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f1e244a665069c53_managedopenssl.dll.config |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\ManagedOpenSsl.dll.config |
| Size | 291.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | ASCII text |
| MD5 | 7b50f9d23ef94b5fa39d614b16c24581 |
| SHA1 | 4ab057f114d2a24d52733b16dc48e7c4e4ad8d91 |
| SHA256 | f1e244a665069c533e6d69a0f68da2bd5bd6ddb080a2620851ef5aae5ddc5c37 |
| CRC32 | EBD1FC39 |
| ssdeep | 6:8IjIGt/pA+k5Oefwt/6dA+kvghfwGJi/pA+k5OyGJi/6dA+kvXdQIjn:dsBjZkctQWjoQhvxj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9d0befb51bebd2cb_swagger.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swagger.exe |
| Size | 146.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32+ executable (console) x86-64, for MS Windows |
| MD5 | 62364867f3d286118024e7a28ec561bc |
| SHA1 | 9061180d5d707e00ba328a55d00494dafe8d294f |
| SHA256 | 9d0befb51bebd2cb78dcac73cb9fa0815df28a29758511d2bf369c948c16e750 |
| CRC32 | A68A17BE |
| ssdeep | 3072:/czkitvo4BpYN/6mBPry8TXROLdW5m4mURN9OOGO0km:/A4NCmBPry/N2dOOT |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 73f95f9e0ceb205f_appsettings.development.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\appsettings.Development.json |
| Size | 127.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 804b473502a4c415cf75db61c56c32aa |
| SHA1 | c4395dec377a5bc3f27955fe131047dc9f4fa2af |
| SHA256 | 73f95f9e0ceb205fc1c4dc50c07697fcfa29d7087868c2aef1d504cb38c771ec |
| CRC32 | 73FE9E4D |
| ssdeep | 3:3Hkt3dNJKqnJModNZArJ9H/MKLHJC43utfBfMeHVSNrn:3HkJdNEqJzN+rJFMKlC4eRB0wkNr |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 634338c32c3ae644_swagger.deps.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swagger.deps.json |
| Size | 11.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 2c2c978a1aa8f14fe704ed793fc386ff |
| SHA1 | f4518639eb80a2fb2b8392303e4e7a885887f666 |
| SHA256 | 634338c32c3ae6445b525069428409d9cbdd776c91fb67580f25345410106094 |
| CRC32 | 90ED4F77 |
| ssdeep | 96:Y6LvzUo+WU8UVU9UX/XhpHJbjAy2wfBUbsXIDARSq3pnTr7zUv90P0IUIVC0Y0jh:Ye0NZJnTncsfpdXJFAlwKnSepy8+it4 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 338360f7beb8adcd_kkmlib.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMLib.xml |
| Size | 61.8KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | ff4aee2cf90985565759395092b4e5af |
| SHA1 | 17d4e3bdcf26315e59cff74db5910676500c7191 |
| SHA256 | 338360f7beb8adcdd316057f231734d8152ceab6e8f4241532a8aeeb9d02f0f4 |
| CRC32 | 69C6A92C |
| ssdeep | 768:nPijakx/Wkj6KyVUn8Yxlmr8Pk6wlhnxHOqou:nP+Xx/Wy6KyVy8Glmr8Pk64nxHOqou |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e1e27af7b07eeedf_newtonsoft.json.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Newtonsoft.Json.dll |
| Size | 695.3KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 195ffb7167db3219b217c4fd439eedd6 |
| SHA1 | 1e76e6099570ede620b76ed47cf8d03a936d49f8 |
| SHA256 | e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d |
| CRC32 | B76210F4 |
| ssdeep | 12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 027f7ec40800a851_kkmcommon.dll.config |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\KKMCommon.dll.config |
| Size | 504.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 3ed12dba4aa997ecaa35953979329d53 |
| SHA1 | bb634bb4b5e4a43634db0b586cfe8bb9e538aedd |
| SHA256 | 027f7ec40800a85177e044cd4f284c1fc86fc5f0055bf728f7fe7ddf67de4091 |
| CRC32 | FB78FFEC |
| ssdeep | 12:TMHdGzNFF7ap+5Bw/2/vLpFicYoKV7VirSyxm:2duPF7NBq2//9kirO |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c9dae5e8b3150d4d_pilotntsharp.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\PilotNtSharp.dll |
| Size | 8.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 050f359cbb074e55d505506b4b35bb7d |
| SHA1 | e80cd3036c045c90548fef5fe1566aa3d8050289 |
| SHA256 | c9dae5e8b3150d4d993ced26cfede0c305a5ae6329a3c80f61ffac53185e3b90 |
| CRC32 | B8B1D299 |
| ssdeep | 96:mcjZSGfU5GfUlkrQkolGSjM4+rmgTRGmoOuwfX+5zgTCHQB6jyPhjnGpBW:m1GfU5GfUlHb6rjTuzgRB2KjGS |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d4cf570c7381883b_uninstall.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\uninstall.exe |
| Size | 35.8KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
| MD5 | 41dbd13a312f2bdf14f7cd8a04bd0434 |
| SHA1 | f5b490f47c8a56580f1c5e2247876d458f6ab83d |
| SHA256 | d4cf570c7381883b1f2aa6e6c1510d634fe5b7b6b8fcbfaaed92ef3014a2d3cc |
| CRC32 | DE67071A |
| ssdeep | 768:SPLV0/LMvOdZLTU+hjO2ei2fr5iZ+uhc9GdtOuI7d4cKJRn6bW7/:SmQWjTU+leyZz/dWicPb6/ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6df9d89a9554165b_microsoft.aspnetcore.mvc.newtonsoftjson.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Microsoft.AspNetCore.Mvc.NewtonsoftJson.dll |
| Size | 65.1KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 8434d71b0b0d19ee916ea43f1648277c |
| SHA1 | c99d621c7797dae0b0121cef96afa4f78707adc2 |
| SHA256 | 6df9d89a9554165b4fe8acb2fcc884f3070edb046850aa9570bc649c32bcedcd |
| CRC32 | 02EA3B11 |
| ssdeep | 1536:S9WwfNpkWkS7Ubotm8b8J57A4k6VFSMsKb:yWwlkV8b8J57A6XSvKb |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | bb7869b0eec0c61f_kkmlib.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\KKMLib.dll |
| Size | 252.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | e6bf0d7475a311d0f48a3d3dc58b173d |
| SHA1 | 76acf2f32519fd5c4802b3fea6f9e2e0fbd8a946 |
| SHA256 | bb7869b0eec0c61f084108595546f1d3ab6e516716fa1d60099edf0dd9a37af3 |
| CRC32 | F49D5A06 |
| ssdeep | 6144:4XV5kKpF6GjiiyysIWz3LmmDgsgI1AbOkXca:4XvwZbmCglI1YX |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2c256383dfa73645_htmlagilitypack.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\HtmlAgilityPack.dll |
| Size | 166.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | b1f442802185d272aa4ad63a59702675 |
| SHA1 | 78911e2dca636a2568c43f53cb80d0230b691ccb |
| SHA256 | 2c256383dfa736459a1880734de625e7b181f3c9cd46ea072e692b57133f5a8a |
| CRC32 | 42C7BB06 |
| ssdeep | 3072:1TAQW7ZBlGNJBrWNs0eDI1j60DXCYWFLZeQW+wFZTa:S5ZONJB/cV60WGVt |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 0849b0af8362e17f_swagger.runtimeconfig.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swagger.runtimeconfig.json |
| Size | 488.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 0ba576ff3f2d7bc78218a0130b1b4361 |
| SHA1 | 93db9f04b230e9b6423ab1e6f8103ddabc2e118a |
| SHA256 | 0849b0af8362e17f7716209e410a84d56f05c6dc8bae36c42109c346535e9bff |
| CRC32 | 88B2CEBD |
| ssdeep | 12:dFk2BEe01sxvEU01slSng5x+K8E7nS2r2:djBEx1sxvEU01sN50K8 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7fdd0170e0eb5bf8_tsclib.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\TSCLIB.dll |
| Size | 134.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | f39f9be47afbf58a1b92c6652025cc5d |
| SHA1 | 31ef30bfbfa135ce76b118ac274d00253685c101 |
| SHA256 | 7fdd0170e0eb5bf884aaa1db6b6d07dd06c2d05cc2956c318ceb9c765868b9f9 |
| CRC32 | D5607F75 |
| ssdeep | 1536:6nkijL9xH9nJMoCjFbM7OqPc4yTMEtODZLtUkt4inATk8OaLX7lY7PoXKBkXKLjx:axH9KtBTM6kpU84a+nJL5YmK/Lj8L8 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | e6263a89a8864168_microsoft.aspnetcore.jsonpatch.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Microsoft.AspNetCore.JsonPatch.dll |
| Size | 53.6KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | b9268876ae4adad3843e963eba28e00b |
| SHA1 | c5b81c5e5f50b272bab343d7d7d343796e651d86 |
| SHA256 | e6263a89a8864168b1a7a1496bdccf4f52aa5f9ac0423e0bbb910fd1517bc313 |
| CRC32 | AC7D15FA |
| ssdeep | 768:eMJdZ37ll1nq3TVwFnG26NoZ5QpKFQXn922S1gWDon/aMJi:e6dZ3Blhzg9qQp4QX92n9Q/aMg |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f17cc8fafc8a0aac_kkmlib.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMLib.pdb |
| Size | 519.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | MSVC program database ver 7.00, 512*1039 bytes |
| MD5 | 6b2f2f2ce926e2e9770ffce04e89d0c4 |
| SHA1 | 201477371dac72f474c3b1eb03a15268b4ff77cb |
| SHA256 | f17cc8fafc8a0aac6fca4adf818a8f797412b5407d427072079535f79cad6ee7 |
| CRC32 | 9B5CB9D8 |
| ssdeep | 6144:20hm4Xj9T/PKY9x3lzbWeD2pOtTn8mJ5YLPDnOfJp1+KEeX5Lbp1+KEG:5kq9PKY7VeeSpOtT8mJ5SPDnOfJpjbp |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f1a59b541a022ada_appsettings.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\appsettings.json |
| Size | 267.0B |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | b8f2f2bf516eb57dca9bf4cd22c638e3 |
| SHA1 | 79577822b39105d13d6e1ae04387a5ecfb02fcd2 |
| SHA256 | f1a59b541a022adae64467cf93272620fad9d515186168da5f18ab79b619a213 |
| CRC32 | E7795087 |
| ssdeep | 6:3HXNAdRWN5FNg5QSdEJ7L6VhkJdNEqJzN+rJFMKlC4eRB0wkNhLlvV:qdH5w76kiqJwJtlC4eUwkb5vV |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 612d9fd82e677d16_swashbuckle.aspnetcore.swaggerui.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Swashbuckle.AspNetCore.SwaggerUI.dll |
| Size | 3.1MB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | a5a7e03b78cfa550c2bb230847503da0 |
| SHA1 | 345c6b6c08da999f7819345ddcb5ecbe9ac5cd99 |
| SHA256 | 612d9fd82e677d16ceb970c0db3db940e645c7623f9972b3514165de961736ae |
| CRC32 | C71B254B |
| ssdeep | 49152:PHqO3eC/1fef/75B4P5ci7CbaZk9t5qHqO3eu/1fef/h5B4Xh6/q9k8s0v:CyeH7zi76meHhg |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d0f9b82de64219e3_atol.drivers10.fptr.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Atol.Drivers10.Fptr.dll |
| Size | 78.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 3c46c36b845b1da2c2bd9e0667df0f60 |
| SHA1 | 570dcc02f0cfb97c352363943285212c833229fe |
| SHA256 | d0f9b82de64219e37556834fb2a7491468d2cbe1d324880c23a3bda8851b9e5c |
| CRC32 | 72762C9B |
| ssdeep | 768:niBRRkTSSrfbbMOCA5rLBdMkynic6MYnhtX4WYdv0+9fhGQ/Yh1ltJ28lp3Aqob4:IRR7IjbMg5Gj6nRKvPB/U1XAq0Qn |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 72cf291d4bab0edd_newtonsoft.json.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\api\Newtonsoft.Json.dll |
| Size | 679.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 916d32b899f1bc23b209648d007b99fd |
| SHA1 | e3673d05d46f29e68241d4536bddf18cdd0a913d |
| SHA256 | 72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661 |
| CRC32 | 4CAAA59B |
| ssdeep | 12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7db2c50e9373c652_libssl-3.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\libssl-3.dll |
| Size | 611.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386, for MS Windows |
| MD5 | 0e64653884c3a60927d214aeea68e2e6 |
| SHA1 | 471d5113b91636a7a20c06db1c5fce653e98b569 |
| SHA256 | 7db2c50e9373c652c7812f4a36fc6de3560b581c9487b92bb2c699bfdfc8d074 |
| CRC32 | D48C19E5 |
| ssdeep | 12288:quv2LxOEskLRHTiCRwwgBq5vtp+CUlFcl408ZYht27W01sQi2Q:quv2V8uiY40Xt27W01sQi2Q |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 02264ed70bba8d24_kkmagent.exe.manifest |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\KKMAgent.exe.manifest |
| Size | 15.6KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, LF line terminators |
| MD5 | 2394b2daae2c36347189dc9d324bd79a |
| SHA1 | a3354006090bb32a4131bae606aa8f388d68492a |
| SHA256 | 02264ed70bba8d24abcf5cd21c25a7283e643d26b5ecd85b8f7b51855092ede8 |
| CRC32 | 8007ED6F |
| ssdeep | 384:uYc5tuxPnTUeH7wFcz32A6LBzziwpbXR6:uYc5tulv4R6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e0aad11b1d2fd2e6_xml-dubai.xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\Resources\xml-dubai.xml |
| Size | 5.0KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | exported SGML document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | 7bf4d1fda01a9863d6d4abec93018f0d |
| SHA1 | 69f8bbbe7aee8c40b26dc889cf77d58a1a8df9a9 |
| SHA256 | e0aad11b1d2fd2e69e8db77c1aba33f5e89a21e04f96c785050f630ef0ea7685 |
| CRC32 | 4430994F |
| ssdeep | 96:gi8MqBaTxykSSxAkrKxU6vgxsoyrv67TnjBxxxMxn/:iwTUzSgWBqDm3eF |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9963d40abdaa5c03_barcodelib.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\KkmAgent\BarcodeLib.dll |
| Size | 105.5KB |
| Processes | 1712 (kz_kkm_2.4.2.3.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | b44f8d102da1a8bea10674b2ed905114 |
| SHA1 | 32e80ba45066e43b516ec4b178e0ed77bd1be2de |
| SHA256 | 9963d40abdaa5c03e34d9b2fe8280b1ae1d16002742e4caf36004c4b35309827 |
| CRC32 | 9A4A74E1 |
| ssdeep | 3072:G7F2D+XFMx2d225/gOnanSSbVmMPhPPmeuPeuUV9oLXvIUP/SqlPB5sqBTxvNeER:jI2xo |
| Yara |
|
| VirusTotal | Search for analysis |