kpot | 3283bdbd6a5958a87683569b8a394a881a9a3b07a8438069bfeb972ee17621c0 | Triage

Submit
Reports

Overview

overview

Static

static

505f8b4d27...cs.exe

windows7-x64

505f8b4d27...cs.exe

windows10-2004-x64

Sharing

General

Target

505f8b4d27b64337c8044516ae7325e0_NeikiAnalytics.exe
Size

2.3MB
Sample

240519-clrd2sdb3s
MD5

505f8b4d27b64337c8044516ae7325e0
SHA1

cfdbea15601c0e191501b3d74ba107929653786b
SHA256

3283bdbd6a5958a87683569b8a394a881a9a3b07a8438069bfeb972ee17621c0
SHA512

1806fac5ffee201ef454220e3ed2dac981b015a5a1f17c9c59bf5f3ab7790b324f67084dc71dc801bf29f632bcb7d2541f76799a5c5fdfb9e1fe35d5bc4aaf0f
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6g81p1vsrNio0m/k:BemTLkNdfE0pZrwl

Score

10^/10

kpot xmrig miner stealer trojan upx

Static task

static1

miner upx kpot xmrig

6 signatures

Behavioral task

behavioral1

Sample

505f8b4d27b64337c8044516ae7325e0_NeikiAnalytics.exe

Resource

win7-20240508-en

kpot xmrig miner stealer trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

505f8b4d27b64337c8044516ae7325e0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

kpot xmrig miner stealer trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  505f8b4d27b64337c8044516ae7325e0_NeikiAnalytics.exe
- Size
  
  2.3MB
- MD5
  
  505f8b4d27b64337c8044516ae7325e0
- SHA1
  
  cfdbea15601c0e191501b3d74ba107929653786b
- SHA256
  
  3283bdbd6a5958a87683569b8a394a881a9a3b07a8438069bfeb972ee17621c0
- SHA512
  
  1806fac5ffee201ef454220e3ed2dac981b015a5a1f17c9c59bf5f3ab7790b324f67084dc71dc801bf29f632bcb7d2541f76799a5c5fdfb9e1fe35d5bc4aaf0f
- SSDEEP
  
  49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6g81p1vsrNio0m/k:BemTLkNdfE0pZrwl
Score

10^/10

kpot xmrig miner stealer trojan upx
- KPOT
  KPOT is an information stealer that steals user data and account credentials.
  trojan stealer kpot
- KPOT Core Executable
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

minerupxkpotxmrig

behavioral1

kpotxmrigminerstealertrojanupx

behavioral2

kpotxmrigminerstealertrojanupx

© 2018-2025

Terms | Privacy