General

  • Target

    1478fd9acbf2af7024f9827a119f13cc9fe27bbb8c3882e8eb74416851bf1ebe.exe

  • Size

    1.5MB

  • Sample

    240704-2czrhasfpr

  • MD5

    c2e96db2175b7d171660e2d508415200

  • SHA1

    51bb652bc3cf65cf8dd7d21a3140f57db82d1091

  • SHA256

    1478fd9acbf2af7024f9827a119f13cc9fe27bbb8c3882e8eb74416851bf1ebe

  • SHA512

    a7d58dc98ef7019623a54e11d063c8cfed2f78814d1e09af91d091666433e3b5dced49258307a065640e1f8c97b6ce08e1a26f2cf18532fc3ca1b4db3695f338

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZcvd:ROdWCCi7/raZ5aIwC+Agr6StYC7V

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
