Overview

overview

10

Static

static

10

virussign....20.exe

windows7-x64

10

virussign....20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    virussign.com_57368d5d5a2a47487db5f28cffe6d620.vir

  • Size

    2.0MB

  • Sample

    240602-lfxhjshc2y

  • MD5

    57368d5d5a2a47487db5f28cffe6d620

  • SHA1

    6314c663a5a90c8693403323152196b2f4a74f1b

  • SHA256

    a57dec239b0d70989d5e0e8432ff133dcc18131349e20ceefd2104cdef7c0d49

  • SHA512

    692bbd9fe5864b1f79b413013f560cdac4ce75474d111f4d553bbcc22cd8875d8a874f19fc9d323b87a27d23e7fc796cd20497987ee14ff9040046483be5a0fa

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2g7:GemTLkNdfE0pZaQK

Score
10/10
kpotxmrigminerstealertrojan

Malware Config

Targets

    • Target

      virussign.com_57368d5d5a2a47487db5f28cffe6d620.vir

    • Size

      2.0MB

    • MD5

      57368d5d5a2a47487db5f28cffe6d620

    • SHA1

      6314c663a5a90c8693403323152196b2f4a74f1b

    • SHA256

      a57dec239b0d70989d5e0e8432ff133dcc18131349e20ceefd2104cdef7c0d49

    • SHA512

      692bbd9fe5864b1f79b413013f560cdac4ce75474d111f4d553bbcc22cd8875d8a874f19fc9d323b87a27d23e7fc796cd20497987ee14ff9040046483be5a0fa

    • SSDEEP

      49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2g7:GemTLkNdfE0pZaQK

    Score
    10/10
    kpotxmrigminerstealertrojan

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks