General

  • Target

    a5b41d7b7c2414c060c457608d2db55f_JaffaCakes118

  • Size

    631KB

  • Sample

    240613-qdy1tathmm

  • MD5

    a5b41d7b7c2414c060c457608d2db55f

  • SHA1

    00a63a124328538e4eea8282d9c6d7032635768f

  • SHA256

    52a6d2dbcc2ee1429418a1d67124c9600db852e5bcbd179f8557a353d45052b9

  • SHA512

    1e678e68067f8771e7a436d2bfb2f7be73465b47ee5d9d16b882957e7a192e0c0368f6b1e4e52d8718d852c084331c9bbfeb5c053bacd69dcff61268f01c47e0

  • SSDEEP

    12288:e3SmeR3feZ+LBrv1SBOU4n1HzXTW/J0uWnXdNNpWpUaaiNzLRHAspqVZlXQgO0Ir:xYOU4n1TXTW/a5nXdRWpUTixR7cbXO0

Score
10/10

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
