General

  • Target

    1039adf8b8eed0555b019576be46b9dfcc9bbfdf954771ff7cc7dcf8add4c942

  • Size

    1.5MB

  • MD5

    3f79897cf12b15c7a7b4515a152df298

  • SHA1

    3e26c25ec6762a927a0dd7c60dafaa8a3653b24d

  • SHA256

    1039adf8b8eed0555b019576be46b9dfcc9bbfdf954771ff7cc7dcf8add4c942

  • SHA512

    d260e6d00f48606facc2c41fb6a0a57c841f1a36434920c7152df9301e1d4ba83cf073b6aae59ffbac9777c048f63ba0bce87577e1f61c6402cffe9368209093

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZY:ROdWCCi7/raZ5aIwC+Agr6StYCR

Score
10/10

Signatures

  • KPOT Core Executable 1 IoCs
  • Kpot family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 1039adf8b8eed0555b019576be46b9dfcc9bbfdf954771ff7cc7dcf8add4c942
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

