kpot | 3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5 | Triage

Submit
Reports

Overview

overview

Static

static

3455aa363f...a5.exe

windows7-x64

3455aa363f...a5.exe

windows10-2004-x64

Sharing

General

Target

3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5
Size

1.9MB
Sample

240416-zjk6kscb82
MD5

c263614ce2de29a44a634d05c6307c3b
SHA1

3e783a565554f651470c55b0b961798579623a27
SHA256

3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5
SHA512

d34fd4d4ad9cd92bdb8334dec01084d7f4dbc74784a2029fb9b621694cf32ca1ce114b818bee4f183a338067d0b13e926a6421be4476082c9f20f7f9ae0c34ad
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNbn:BemTLkNdfE0pZrw4

Score

10^/10

kpot xmrig miner stealer trojan upx

Static task

static1

miner upx kpot xmrig

7 signatures

Behavioral task

behavioral1

Sample

3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5.exe

Resource

win7-20240319-en

kpot xmrig miner stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5.exe

Resource

win10v2004-20240412-en

kpot xmrig miner stealer trojan upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5
- Size
  
  1.9MB
- MD5
  
  c263614ce2de29a44a634d05c6307c3b
- SHA1
  
  3e783a565554f651470c55b0b961798579623a27
- SHA256
  
  3455aa363f281c5dbcfc818c227a82117ce20eec50fa6aa5aa03f8006308bea5
- SHA512
  
  d34fd4d4ad9cd92bdb8334dec01084d7f4dbc74784a2029fb9b621694cf32ca1ce114b818bee4f183a338067d0b13e926a6421be4476082c9f20f7f9ae0c34ad
- SSDEEP
  
  49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNbn:BemTLkNdfE0pZrw4
Score

10^/10

kpot xmrig miner stealer trojan upx
- KPOT
  KPOT is an information stealer that steals user data and account credentials.
  trojan stealer kpot
- KPOT Core Executable
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- UPX dump on OEP (original entry point)
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

minerupxkpotxmrig

behavioral1

kpotxmrigminerstealertrojanupx

behavioral2

kpotxmrigminerstealertrojanupx

© 2018-2024

Terms | Privacy