General

  • Target

    725365bd2ef95bbde0505faf78f418f39407da1cf745cca194671f110062e281

  • Size

    2.0MB

  • Sample

    240604-22m41aed81

  • MD5

    716a72eb59cb9ada90f423f994a3492c

  • SHA1

    29c7b5764a8cab4538398f5acd1642c33af556e6

  • SHA256

    725365bd2ef95bbde0505faf78f418f39407da1cf745cca194671f110062e281

  • SHA512

    f22b9fb88fee1fe30b6c80ff53a5f905a8717e50d34fd44f018a4acf3f609b18528c8ab9b93b16bc1dfe105d6ae5c2057558a8b645eaf1ba63b836f5a1fe237d

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6Sto:oemTLkNdfE0pZrwl

Malware Config

Targets

    • Target

      725365bd2ef95bbde0505faf78f418f39407da1cf745cca194671f110062e281

    • KPOT

      KPOT is an information stealer that harvests user data and account credentials from the infected host.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU cryptocurrency miner; when dropped and run without the user's consent it is classed as a coinminer payload.

    • UPX dump on OEP: the unpacked image was dumped from memory once execution reached the original entry point (OEP)

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
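
Two checks a practitioner runs before trusting a report like this one: confirm the file in hand really is the sample the report describes (the MD5/SHA1/SHA256/SHA512 values listed under General), and reproduce the UPX verdict by reading the PE section table rather than relying on the sandbox's opaque signature. The script below is an added example, not code from the sandbox or from any project named on this page. The PE image it inspects is constructed inline (a DOS stub, a PE signature, a COFF header with no optional header, and a bare section table) so the block runs offline; it is not the analysed file, and the miner indicator strings are an assumption based on common XMRig build artefacts, not something the report states.

```python
"""Triage helpers: verify a sample against a sandbox report's hashes and check for UPX packing.

Added example for this page. `build_pe` fabricates a minimal, non-executable PE
layout for demonstration only; `REPORT_HASHES` are copied from the report above.
"""
import hashlib
import struct

# Hashes as listed under "General" in the report (SHA512 omitted only to keep the dict short).
REPORT_HASHES = {
    "md5": "716a72eb59cb9ada90f423f994a3492c",
    "sha1": "29c7b5764a8cab4538398f5acd1642c33af556e6",
    "sha256": "725365bd2ef95bbde0505faf78f418f39407da1cf745cca194671f110062e281",
}

# Assumed indicator strings typical of XMRig builds; tune to your own samples.
MINER_MARKERS = (b"xmrig", b"stratum+tcp://", b"cryptonight", b"randomx")


def compute_hashes(data: bytes) -> dict:
    """Digest the whole buffer with every algorithm a report normally lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Return {algorithm: matched} for each digest in `expected` (hex, case-insensitive)."""
    actual = compute_hashes(data)
    return {algo: actual[algo] == digest.lower() for algo, digest in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names; [] if not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER starts here
    n_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                          # section headers follow the optional header
    names = []
    for i in range(n_sections):
        raw = data[table + i * 40: table + i * 40 + 8]    # IMAGE_SECTION_HEADER.Name, 8 bytes
        if len(raw) < 8:
            break                                         # truncated table
        names.append(raw.split(b"\0", 1)[0].decode("latin-1"))
    return names


def detect_upx(data: bytes) -> dict:
    """Flag UPX packing on two cheap signals: UPX* section names and the 'UPX!' header magic.

    Both can be stripped by a modified packer, so absence is not proof of a clean file.
    """
    sections = [n for n in pe_section_names(data) if n.upper().startswith("UPX")]
    magic = b"UPX!" in data
    return {"sections": sections, "magic": magic, "packed": bool(sections) or magic}


def find_miner_strings(data: bytes) -> list:
    """Return which of the assumed XMRig indicator strings occur in the buffer."""
    lowered = data.lower()
    return [m.decode() for m in MINER_MARKERS if m in lowered]


def build_pe(section_names, extra: bytes = b"") -> bytes:
    """Fabricate a minimal PE layout (constructed test data, not a runnable binary)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)               # e_lfanew: PE header right after the stub
    # Machine=i386, NumberOfSections, timestamp, symtab ptr, nsyms, SizeOfOptionalHeader=0, flags
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    table = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table + extra


if __name__ == "__main__":
    sample = build_pe(["UPX0", "UPX1", ".rsrc"], b"\0UPX!\0...stratum+tcp://pool\0")
    print("hash match vs report:", verify_hashes(sample, REPORT_HASHES))
    print("sections:", pe_section_names(sample))
    print("upx:", detect_upx(sample))
    print("miner strings:", find_miner_strings(sample))
```

To check a real file, read it in binary mode and pass the bytes to `verify_hashes` with the report's digests; every entry should be True before any other finding on the page is taken at face value. The SSDEEP value cannot be reproduced with `hashlib`; use the `ssdeep` tool, whose `-m` option matches a file against a saved list of fuzzy hashes. The section-name and magic checks mirror what a generic "UPX packed file" rule looks at, which is also why a renamed-section UPX build evades them; the OEP dump listed in the report is the analyst-side answer to that, since it captures the unpacked image regardless of how the stub is disguised.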

MITRE ATT&CK Matrix

Tasks