Overview

overview

10

Static

static

5a8089cb75...64.exe

windows7-x64

10

5a8089cb75...64.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a8089cb7519c8667b31517b57432905472c262bd9277b05593e55a2b6517e64

  • Size

    548KB

  • Sample

    220802-dwba9agfg5

  • MD5

    740c32cefac30c905f5fea06b473d412

  • SHA1

    2a03f94397e8d063f9bfd45c56516242c72c71dd

  • SHA256

    5a8089cb7519c8667b31517b57432905472c262bd9277b05593e55a2b6517e64

  • SHA512

    3467cfa7bdb29c9dd74e64b659fbd384e2ad4df918b465153e77bb0420150b70199b8b99cb95e8484021301c3cbb82a539f1d778bc6c1252a14eb4297cebab6e

Score
10/10
kpotstealertrojan

Malware Config

Targets

    • Target

      5a8089cb7519c8667b31517b57432905472c262bd9277b05593e55a2b6517e64

    • Size

      548KB

    • MD5

      740c32cefac30c905f5fea06b473d412

    • SHA1

      2a03f94397e8d063f9bfd45c56516242c72c71dd

    • SHA256

      5a8089cb7519c8667b31517b57432905472c262bd9277b05593e55a2b6517e64

    • SHA512

      3467cfa7bdb29c9dd74e64b659fbd384e2ad4df918b465153e77bb0420150b70199b8b99cb95e8484021301c3cbb82a539f1d778bc6c1252a14eb4297cebab6e

    Score
    10/10
    kpotstealertrojan

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks