kpot | 7e309b66de8abed2c28d508695722976a978f6a021991e5522d73bf9970fb9f4 | Triage

Submit
Reports

Overview

overview

Static

static

ddf3f137d8...cs.exe

windows7-x64

ddf3f137d8...cs.exe

windows10-2004-x64

Sharing

General

Target

ddf3f137d89e441eb171ae374ea80dd0_NeikiAnalytics.exe
Size

2.5MB
Sample

240607-p6dpxagd3z
MD5

ddf3f137d89e441eb171ae374ea80dd0
SHA1

f9bf7ebf3f80cccc4b9dee8bbfdeb56828cb0047
SHA256

7e309b66de8abed2c28d508695722976a978f6a021991e5522d73bf9970fb9f4
SHA512

9b53d6982ce8a2474eddc26e80b71a20ebaef997ab7b258bc8736240f7ae6ca628da5819ff3eeec8f843a5202ee1f036650c45baf9ce9afb6d953d0f19ac59ca
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6tdlmU1/eo5Q:BemTLkNdfE0pZrwU

Score

10^/10

kpot xmrig miner stealer trojan upx

Static task

static1

miner upx kpot xmrig

6 signatures

Behavioral task

behavioral1

Sample

ddf3f137d89e441eb171ae374ea80dd0_NeikiAnalytics.exe

Resource

win7-20240508-en

kpot xmrig miner stealer trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddf3f137d89e441eb171ae374ea80dd0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

kpot xmrig miner stealer trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddf3f137d89e441eb171ae374ea80dd0_NeikiAnalytics.exe
- Size
  
  2.5MB
- MD5
  
  ddf3f137d89e441eb171ae374ea80dd0
- SHA1
  
  f9bf7ebf3f80cccc4b9dee8bbfdeb56828cb0047
- SHA256
  
  7e309b66de8abed2c28d508695722976a978f6a021991e5522d73bf9970fb9f4
- SHA512
  
  9b53d6982ce8a2474eddc26e80b71a20ebaef997ab7b258bc8736240f7ae6ca628da5819ff3eeec8f843a5202ee1f036650c45baf9ce9afb6d953d0f19ac59ca
- SSDEEP
  
  49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6tdlmU1/eo5Q:BemTLkNdfE0pZrwU
Score

10^/10

kpot xmrig miner stealer trojan upx
- KPOT
  KPOT is an information stealer that steals user data and account credentials.
  trojan stealer kpot
- KPOT Core Executable
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

minerupxkpotxmrig

behavioral1

kpotxmrigminerstealertrojanupx

behavioral2

kpotxmrigminerstealertrojanupx

© 2018-2025

Terms | Privacy