General

  • Target

    b15fae3c3e8ab10a434c51ad82ea73ae9c62ff4db9dc816492dcc3d154de02d6

  • Size

    2.1MB

  • Sample

    240701-bzgakascmf

  • MD5

    255c0c5bf971d11cc5c7fd58da1086b4

  • SHA1

    041205496c6466bddafe5cd1af85636bec54e35e

  • SHA256

    b15fae3c3e8ab10a434c51ad82ea73ae9c62ff4db9dc816492dcc3d154de02d6

  • SHA512

    a740cf13548d4450575b1e031cd8a9275a3c7e57367cdc15627851031823aa9cc50faf7b9920429696cff3f6ace526cea810489f53909689d4af6afb03436848

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNasrVg:oemTLkNdfE0pZrwX

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.
