General

  • Target

    9101886fa743354b011fbaa3bf089e46e60b971dd9dbc69c2e49060ad5ad70e8

  • Size

    2.1MB

  • MD5

    d0911d5cb685fca4abeead3f7d02f05c

  • SHA1

    0da7c36f6f048f6e38ddf02924810817f5f024fc

  • SHA256

    9101886fa743354b011fbaa3bf089e46e60b971dd9dbc69c2e49060ad5ad70e8

  • SHA512

    8823366b7b07252facc209dca8ecf5305e0eae5ee1ce8a55c01462ba5346a2e4ebbcc3e0f5a05fa6f9b5352d9a4fb8d7f9508da8655b2c143c4aec3f92bde588

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcKxYDtJ:BemTLkNdfE0pZrwn

Score
10/10

Signatures

  • KPOT Core Executable (1 IoC)
  • Kpot family
  • UPX dump on OEP (original entry point) (1 IoC)
  • XMRig Miner payload (1 IoC)
  • Xmrig family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9101886fa743354b011fbaa3bf089e46e60b971dd9dbc69c2e49060ad5ad70e8
    .exe windows:6 windows x64 arch:x64

