General

  • Target

    07a08722da205f03d135613e8e93a43247f9481c5c47a98126f7245d92cb2955

  • Size

    2.3MB

  • Sample

    240604-w16xtsfh97

  • MD5

    463c4f9fa8798884996f18db68f0ff25

  • SHA1

    525f7ee91a4326c8065cedc7a833153bf86d3881

  • SHA256

    07a08722da205f03d135613e8e93a43247f9481c5c47a98126f7245d92cb2955

  • SHA512

    18d3a5f223e0dc5f78eafbe28b0e828b2618890ad3f95799f2d7e4759d09e89e483e962bdc66ee9b468f206a2440123b87c5f68d8f45d6466ffac941c297c367

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNvFMs+d:BemTLkNdfE0pZrwd

Malware Config

Targets

    • Target

      07a08722da205f03d135613e8e93a43247f9481c5c47a98126f7245d92cb2955

    • KPOT

      KPOT is an information stealer that collects user data and account credentials from the infected host.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU cryptocurrency miner; here it is dropped and run as a payload rather than installed by the user.

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
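Added example for this report (not code from the sandbox, from UPX, or from any of the families named above): the two checks a reader would want to run on a local copy of the sample. The first recomputes the MD5/SHA1/SHA256/SHA512 set listed under General so a local file can be confirmed as the same artefact; the second implements the heuristic behind the "UPX packed file" signature, which is that stock UPX names its sections UPX0/UPX1 (plus UPX2 when a resource section is kept) and leaves a "UPX!" marker in its packer header. The PE reader is a minimal hand-written section-table walk (assumption: `pefile` is not installed); the skeleton PE built by `build_constructed_pe` is constructed test input, not the sample. SSDEEP is not recomputed because the fuzzy-hash library is not in the standard library.

```python
"""Triage helpers: verify report hashes and check the UPX packing indicators."""
import hashlib
import struct
import sys

# Digests copied from the report above (sample 240604-w16xtsfh97).
REPORT_HASHES = {
    "md5": "463c4f9fa8798884996f18db68f0ff25",
    "sha1": "525f7ee91a4326c8065cedc7a833153bf86d3881",
    "sha256": "07a08722da205f03d135613e8e93a43247f9481c5c47a98126f7245d92cb2955",
}

# Section names written by stock UPX; a modified build may rename them.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def hash_bytes(data):
    """Return the four hex digests the report lists for a blob."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data, expected=REPORT_HASHES):
    """True if every digest in `expected` matches the blob."""
    got = hash_bytes(data)
    return all(got.get(name) == digest for name, digest in expected.items())


def pe_section_names(data):
    """Section names of a PE image, or [] if the blob is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size             # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        off = table + i * 40
        if off + 40 > len(data):             # truncated section table
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data):
    """The two cheap indicators the UPX signature keys on."""
    names = pe_section_names(data)
    return {
        "upx_sections": [n for n in names if n in UPX_SECTION_NAMES],
        "upx_marker": b"UPX!" in data,
    }


def build_constructed_pe(section_names, marker=False):
    """Constructed test input: a PE header skeleton (not loadable), just
    enough for the section-table walk above. Optional header size is 0."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: NT headers follow the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    sections = b"".join(name.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                        for name in section_names)
    return bytes(dos) + b"PE\0\0" + coff + sections + (b"UPX!" if marker else b"")


if __name__ == "__main__":
    # With a path argument, check a local copy of the sample; otherwise run
    # on the constructed skeleton so the script works offline.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:
        blob = build_constructed_pe(["UPX0", "UPX1", ".rsrc"], marker=True)
    print("matches report hashes:", matches_report(blob))
    print("UPX indicators:", looks_upx_packed(blob))
```

Run it with the path of the local copy to confirm the file is the artefact the report describes before reading the signatures as applying to it; a mismatch on any digest means a different build. The section-name check is only a hint: the signature text itself allows for a modified UPX, and a renamed-section build would show no UPX sections while still carrying the packer's stub, so treat an empty `upx_sections` with a present marker, or a high-entropy single section, as still worth unpacking.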

MITRE ATT&CK Matrix

Tasks