General

  • Target

    1039adf8b8eed0555b019576be46b9dfcc9bbfdf954771ff7cc7dcf8add4c942

  • Size

    1.5MB

  • Sample

    240704-xh39natbpk

  • MD5

    3f79897cf12b15c7a7b4515a152df298

  • SHA1

    3e26c25ec6762a927a0dd7c60dafaa8a3653b24d

  • SHA256

    1039adf8b8eed0555b019576be46b9dfcc9bbfdf954771ff7cc7dcf8add4c942

  • SHA512

    d260e6d00f48606facc2c41fb6a0a57c841f1a36434920c7152df9301e1d4ba83cf073b6aae59ffbac9777c048f63ba0bce87577e1f61c6402cffe9368209093

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZY:ROdWCCi7/raZ5aIwC+Agr6StYCR

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
