kpot | 4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

4eb20318c6...86.exe

windows7-x64

4eb20318c6...86.exe

windows10-2004-x64

Sharing

General

Target

4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686
Size

2.3MB
Sample

240529-1dhzpsbc87
MD5

5c8e40a2b750aa749a28639aa5c3d029
SHA1

a4281d7f3a44cd508b05b37b5535badf09e76c32
SHA256

4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686
SHA512

5b598e90d6cb7d4af1c784f46b4087500c85639a8cd303bd867b5a1727ab7b5bbc2ce0f6cd4fab889c860f12a13fa461511f4bdda34be565a66fbf4616d39e82
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcKWnq0vljmTbX:BemTLkNdfE0pZrwS

Score

10^/10

kpot xmrig miner stealer trojan upx

Static task

static1

miner upx kpot xmrig

7 signatures

Behavioral task

behavioral1

Sample

4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686.exe

Resource

win7-20240221-en

kpot xmrig miner stealer trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686.exe

Resource

win10v2004-20240426-en

kpot xmrig miner stealer trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686
- Size
  
  2.3MB
- MD5
  
  5c8e40a2b750aa749a28639aa5c3d029
- SHA1
  
  a4281d7f3a44cd508b05b37b5535badf09e76c32
- SHA256
  
  4eb20318c634ae504d9e9045b570081bc2bc48bfeed7a612381beafa13464686
- SHA512
  
  5b598e90d6cb7d4af1c784f46b4087500c85639a8cd303bd867b5a1727ab7b5bbc2ce0f6cd4fab889c860f12a13fa461511f4bdda34be565a66fbf4616d39e82
- SSDEEP
  
  49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcKWnq0vljmTbX:BemTLkNdfE0pZrwS
Score

10^/10

kpot xmrig miner stealer trojan upx
- KPOT
  KPOT is an information stealer that steals user data and account credentials.
  trojan stealer kpot
- KPOT Core Executable
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- UPX dump on OEP (original entry point)
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerupxkpotxmrig

behavioral1

kpotxmrigminerstealertrojanupx

behavioral2

kpotxmrigminerstealertrojanupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.