kpot | 53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135 | Triage

Submit
Reports

Overview

overview

Static

static

53e1f72ca9...35.exe

windows7_x64

53e1f72ca9...35.exe

windows10-2004_x64

Sharing

General

Target

53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135
Size

406KB
Sample

220625-byq4dahaen
MD5

7a53429710e5d456bd79c147316c1bbb
SHA1

4d46fc427c0c5aa412e13b96dd6be72044ceb18d
SHA256

53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135
SHA512

2673325f08ff43f0a6afcdac341f7fe944927153c09efb14e16dd53974cabba283ca41c03a5c40bc5e0d5d5537d7757284ef7dce70383881deb6c0d2efaa769a

Score

10^/10

kpot rezer0 stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135.exe

Resource

win7-20220414-en

kpot rezer0 stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135.exe

Resource

win10v2004-20220414-en

kpot stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135
- Size
  
  406KB
- MD5
  
  7a53429710e5d456bd79c147316c1bbb
- SHA1
  
  4d46fc427c0c5aa412e13b96dd6be72044ceb18d
- SHA256
  
  53e1f72ca9dbdfe05ec0baca1f5b5bad453549d7a38845eb14013de9b05f2135
- SHA512
  
  2673325f08ff43f0a6afcdac341f7fe944927153c09efb14e16dd53974cabba283ca41c03a5c40bc5e0d5d5537d7757284ef7dce70383881deb6c0d2efaa769a
Score

10^/10

kpot rezer0 stealer trojan
- KPOT
  KPOT is an information stealer that steals user data and account credentials.
  trojan stealer kpot
- KPOT Core Executable
- ReZer0 packer
  Detects ReZer0, a packer with multiple versions used in various campaigns.
  rezer0
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

kpotrezer0stealertrojan

behavioral2

kpotstealertrojan

© 2018-2024

Terms | Privacy