General

  • Target

    virussign.com_a28f82713688ac2f057fbfab65add680.vir

  • Size

    2.0MB

  • Sample

    240602-xpsrhabe6y

  • MD5

    a28f82713688ac2f057fbfab65add680

  • SHA1

    337744fac5d8565fff9d23a6540b65189ce5764d

  • SHA256

    366d6d3015dc6b19c09146895dcf8eaf51fa232dea9340286c0027d630c0fd4d

  • SHA512

    d22e677588b2ad91ecef19b95af24774aece2512ff5fe6e969627b8c7e43042bb7dc1e647c556d259d91d9a2dd18aace44de55f671975e8e7966f64895942993

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2c:GemTLkNdfE0pZaQU

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
