General

  • Target

    53c16e79e429d003004412ffe9899e0d8473432bb342e59431c33717bf4218d0

  • Size

    1.3MB

  • Sample

    240604-1g2k8acc9x

  • MD5

    30b1ee9a82a6d46070b827c03556e084

  • SHA1

    7c5b34004d55639acd068bc8769dcddc0852111c

  • SHA256

    53c16e79e429d003004412ffe9899e0d8473432bb342e59431c33717bf4218d0

  • SHA512

    35550d86e620b5da7a867c4dbdce032c7acfe2e07022354f6535c95fdf371a513ea16862344199d67e66752a8728874ea74bb93689ccc895212d956540f509ae

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9l7:ROdWCCi7/raZ5aIwC+Agr6SNask

Malware Config

Targets

    • KPOT

      KPOT is an information stealer that harvests user data and account credentials from the infected host.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
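As an added example (not part of the report and not the sandbox's own signature code), the following Python does the two checks a practitioner wants before working on this sample: it verifies a local file against the digests listed in the General section, and it applies a structural test for the packing that the last signature flags. Stock UPX is recognised by its UPX0/UPX1 section names; a modified UPX that renames sections is caught by the tell-tale layout (an empty first section that will receive the unpacked image, a second section holding compressed data plus the stub, with the entry point inside it). The section layouts below are constructed inputs, the layout rule is a heuristic that other packers can also match, and `build_pe`, `parse_pe`, `detect_upx` and `verify_sample` are names chosen here. The SSDEEP value is not checked (it needs the ssdeep library).

```python
import hashlib
import struct
import sys

# Reference values copied from the report above; a file is only "this" sample
# if every digest matches.
REPORT_HASHES = {
    "md5": "30b1ee9a82a6d46070b827c03556e084",
    "sha1": "7c5b34004d55639acd068bc8769dcddc0852111c",
    "sha256": "53c16e79e429d003004412ffe9899e0d8473432bb342e59431c33717bf4218d0",
    "sha512": "35550d86e620b5da7a867c4dbdce032c7acfe2e07022354f6535c95fdf371a513ea16862344199d67e66752a8728874ea74bb93689ccc895212d956540f509ae",
}


def compute_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of the bytes as lower-case hex, keyed like the report."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def verify_sample(data: bytes, expected: dict) -> dict:
    """Return {algo: (expected, actual)} for every mismatching digest; {} means identity confirmed."""
    actual = compute_hashes(data)
    return {k: (v.lower(), actual[k]) for k, v in expected.items()
            if k in actual and actual[k] != v.lower()}


def parse_pe(data: bytes):
    """Minimal PE header walk: (AddressOfEntryPoint, [section dicts]) or None if not a PE."""
    try:
        if data[:2] != b"MZ":
            return None
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return None
        nsec = struct.unpack_from("<H", data, e_lfanew + 6)[0]          # COFF NumberOfSections
        opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]     # SizeOfOptionalHeader
        entry = struct.unpack_from("<I", data, e_lfanew + 24 + 16)[0]   # AddressOfEntryPoint (RVA)
        table = e_lfanew + 24 + opt_size                                # section table start
        sections = []
        for i in range(nsec):
            name, vsize, vaddr, rawsize = struct.unpack_from("<8sIII", data, table + 40 * i)
            sections.append({"name": name.rstrip(b"\0"), "vsize": vsize,
                             "vaddr": vaddr, "rawsize": rawsize})
        return entry, sections
    except struct.error:   # truncated header
        return None


def detect_upx(data: bytes):
    """'upx' for stock section names, 'upx-modified' for the UPX layout with renamed
    sections (heuristic: other packers can produce the same shape), None otherwise."""
    parsed = parse_pe(data)
    if parsed is None:
        return None
    entry, sections = parsed
    if any(s["name"].startswith(b"UPX") for s in sections):
        return "upx"
    if 2 <= len(sections) <= 3:
        first, second = sections[0], sections[1]
        second_end = second["vaddr"] + max(second["vsize"], second["rawsize"])
        entry_in_second = second["vaddr"] <= entry < second_end
        # hollow first section (no raw data, large virtual size) + entry inside the loader section
        if first["rawsize"] == 0 and first["vsize"] > 0 and second["rawsize"] > 0 and entry_in_second:
            return "upx-modified"
    return None


def build_pe(sections, entry_point: int) -> bytes:
    """Assemble a minimal PE32 header + section table (constructed test input, not a real binary)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, 0, 0, 0, entry_point)  # entry point at offset 16
    opt += b"\0" * (opt_size - len(opt))
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), vs, va, rs, rp, 0, 0, 0, 0, 0x60000020)
                     for n, vs, va, rs, rp in sections)
    return dos + b"PE\0\0" + coff + opt + table


# Constructed layouts (not taken from the sample); the first mirrors typical UPX output.
STOCK_UPX = build_pe([(b"UPX0", 0x28000, 0x1000, 0, 0x400),
                      (b"UPX1", 0xD000, 0x29000, 0xC400, 0x400),
                      (b".rsrc", 0x1000, 0x36000, 0x800, 0xC800)], entry_point=0x35D10)
RENAMED_UPX = build_pe([(b".text", 0x28000, 0x1000, 0, 0x400),
                        (b".data", 0xD000, 0x29000, 0xC400, 0x400),
                        (b".rsrc", 0x1000, 0x36000, 0x800, 0xC800)], entry_point=0x35D10)
PLAIN_PE = build_pe([(b".text", 0x5000, 0x1000, 0x5000, 0x400),
                     (b".data", 0x1000, 0x6000, 0x200, 0x5400)], entry_point=0x1200)

if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else STOCK_UPX
    print("hash mismatches:", verify_sample(blob, REPORT_HASHES) or "none")
    print("packer:", detect_upx(blob))
```

Run it as `python check_sample.py <file>`; an empty mismatch dict means the file is the sample the report describes. The layout heuristic is deliberately separate from the name check so that renaming UPX0/UPX1 (the usual "modified UPX" trick) does not defeat it, at the cost of occasional false positives from other packers that leave an empty first section.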
