General

  • Target

    7ffd8f5699cb7142179d2e7a805f2bc549ade47648bcc7a497fff86198906870

  • Size

    1.5MB

  • MD5

    b6ad1e49ee3bc48776bc8ebb726d375c

  • SHA1

    ebd589a0c9c81db2bf31fa2bb3f95e2d511d89c9

  • SHA256

    7ffd8f5699cb7142179d2e7a805f2bc549ade47648bcc7a497fff86198906870

  • SHA512

    857bf53ca1d105323fe7a9369dab642f000a1daa1801537e9a6a05ac68bb7b91285235d5116f65045085499311c1d392668a20bc6fe888aa12dda53c78fdc8e2

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQE4efQg3zNn+2jsvercPk9N4hVI3/Zu:ROdWCCi7/raZ5aIwC+Agr6SqCPGXCb

Score
10/10

Signatures

  • KPOT Core Executable 1 IoCs
  • Kpot family
  • UPX dump on OEP (original entry point) 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 7ffd8f5699cb7142179d2e7a805f2bc549ade47648bcc7a497fff86198906870
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

