General

  • Target

    04bda957973a1f483760c0025e6e1e0794f549d08f98c15e36019f377c3e3705

  • Size

    2.0MB

  • Sample

    240702-wxc6caydqr

  • MD5

    0f25937efc618753bd1f00b247b473e7

  • SHA1

    116f44fc77a492abad6b3c9180c8f0ff9e7700be

  • SHA256

    04bda957973a1f483760c0025e6e1e0794f549d08f98c15e36019f377c3e3705

  • SHA512

    7198fb0dab91fa7adfeb6cbe006b87fff153d84a7110dcb6690fff5a49dfe31a93dd1d68766b282dabdd810822d0763cad526269e183d8d9e8fc1b529f95eef8

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2v:GemTLkNdfE0pZaQ3

Targets

    • Target

      04bda957973a1f483760c0025e6e1e0794f549d08f98c15e36019f377c3e3705

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
