Technical Analysis of kkRAT | ThreatLabz

C45-2025-09-11-8

Indicator of Compromise (IOC)	Date Published	IOC Type
HKCU\\Environment\\UserInitMprLogonScript\u003c	11/09/2025	Win_Registry
HKLM\SOFTWARE\WOW6432Node\360Safe\360Scan	11/09/2025	Win_Registry
HKLM\\SOFTWARE\\WOW6432Node\\360Safe\\360Scan\u003c	11/09/2025	Win_Registry
c20c0c957ff42158d08053b5ce3ee4a6bbbc5eeb905f901336ed5c04d34910b5	11/09/2025	SHA-256
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\u003c	11/09/2025	Win_Registry
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.fnProxyServes as a proxy	11/09/2025	Win_Registry
HKCU\Environment\UserInitMprLogonScript	11/09/2025	Win_Registry
HKU\\360SPDM\\CC2FCASH\\speedmem2\\x\\b5e3891842b605bf7917ba84\u003c	11/09/2025	Win_Registry
HKU\360SPDM\CC2FCASH\speedmem2\x\b5e3891842b605bf7917ba84.Following these registry changes	11/09/2025	Win_Registry
103.199.101.3	11/09/2025	IPv4
71ca5dd59e90ec83518f9b33b2a8cdb6a0d6ad4c87293b27885fa2a8e8e07f1c	11/09/2025	SHA-256
6307ac7c921275fe90c70caa08cb43ceca46d273	11/09/2025	SHA-1
154.44.30.27	11/09/2025	IPv4
156.238.238.111	11/09/2025	IPv4
mirfanva@zscaler.com	11/09/2025	Email_ID

Download as CSV