Overview

overview

10

Static

static

10

d51d127211...5f.exe

windows7-x64

10

d51d127211...5f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d51d1272113d010595aaf7f72a02e8d8679739fba293354cc747f71ce2c8495f

  • Size

    2.6MB

  • Sample

    240523-d4f7gacd5z

  • MD5

    14a3a5f190fa46c8a9adeaeaf0877915

  • SHA1

    897fb193b97653ed8f7a6126816bdf42083f1bf2

  • SHA256

    d51d1272113d010595aaf7f72a02e8d8679739fba293354cc747f71ce2c8495f

  • SHA512

    91b73d08530b5b61f9ef019713560c4893b384f6444d8168bee9eb7801a91069b6bb40792abf82799b9b63e328cf5eb2e888b05cbd220700786ff55241d78c8f

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SqCPGC6HZkIT/uU:BemTLkNdfE0pZrwX

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      d51d1272113d010595aaf7f72a02e8d8679739fba293354cc747f71ce2c8495f

    • Size

      2.6MB

    • MD5

      14a3a5f190fa46c8a9adeaeaf0877915

    • SHA1

      897fb193b97653ed8f7a6126816bdf42083f1bf2

    • SHA256

      d51d1272113d010595aaf7f72a02e8d8679739fba293354cc747f71ce2c8495f

    • SHA512

      91b73d08530b5b61f9ef019713560c4893b384f6444d8168bee9eb7801a91069b6bb40792abf82799b9b63e328cf5eb2e888b05cbd220700786ff55241d78c8f

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SqCPGC6HZkIT/uU:BemTLkNdfE0pZrwX

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks