General

  • Target

    378c8610bd5ecd81bc2d1318a65d7764ca9c0c7ae886e8908fb00c4db3bb1efa

  • Size

    2.0MB

  • Sample

    240704-zecnmsxfmp

  • MD5

    05a1200f020064acc5c43ccd46ce4818

  • SHA1

    a2bc8e21edb81990b74e9eebccb253c74e7aa294

  • SHA256

    378c8610bd5ecd81bc2d1318a65d7764ca9c0c7ae886e8908fb00c4db3bb1efa

  • SHA512

    b9a4b7e165b3aafef4596c137f1ba8d8eeb91db8d374857bbe9f7fd52f20eb0261deadb055256f0bd38c5878d30522708c12aa64e6d7cc31e09b3f015ee3ce36

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StBv:oemTLkNdfE0pZrwG

Targets

    • Target

      378c8610bd5ecd81bc2d1318a65d7764ca9c0c7ae886e8908fb00c4db3bb1efa

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
