General

  • Target

    c7d01151114413bf0b97ccadf5272a73dcba9b12e6165fbb8243becb719b4754

  • Size

    2.0MB

  • Sample

    240630-cc4b9awajj

  • MD5

    dd69a7f6aa226e9357d0f7219623c00c

  • SHA1

    52491f81bbc0f0ab06cfdb1ae7e0ea78c8d6f34d

  • SHA256

    c7d01151114413bf0b97ccadf5272a73dcba9b12e6165fbb8243becb719b4754

  • SHA512

    803b96c98293fb0a5d1db403256ff292dd6effea5277ee28fed8b64bc6defef36e05d905ddb85102f17c0cc66dbf485e2115abfcfb17718abddcdc0167352344

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6KI38:BemTLkNdfE0pZrw0

Malware Config

Targets

    • Target

      c7d01151114413bf0b97ccadf5272a73dcba9b12e6165fbb8243becb719b4754

    • Size

      2.0MB

    • MD5

      dd69a7f6aa226e9357d0f7219623c00c

    • SHA1

      52491f81bbc0f0ab06cfdb1ae7e0ea78c8d6f34d

    • SHA256

      c7d01151114413bf0b97ccadf5272a73dcba9b12e6165fbb8243becb719b4754

    • SHA512

      803b96c98293fb0a5d1db403256ff292dd6effea5277ee28fed8b64bc6defef36e05d905ddb85102f17c0cc66dbf485e2115abfcfb17718abddcdc0167352344

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6KI38:BemTLkNdfE0pZrw0

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks