General

  • Target

    0872941a4940fa105c8e6042a3e14890.exe

  • Size

    2.3MB

  • Sample

    240705-1bqxjayekb

  • MD5

    0872941a4940fa105c8e6042a3e14890

  • SHA1

    63e37957d4d199adb9a7533826ec3ea723de49ef

  • SHA256

    0202e3022c334f9680740f289f462dde6dd3402a4fbd0098d631353270e0d0f9

  • SHA512

    24d5ccd301b416d9ecd01668ae493a7f2d6444b3d4affe6abeb0d2cab57e17bccefc7a4756b1544bf45b4e091b0f6d6010087d1450657ec1c2e95e805ab1d8d7

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StYCJHZ:oemTLkNdfE0pZrwA

Malware Config

Targets

    • Target

      0872941a4940fa105c8e6042a3e14890.exe

    • Size

      2.3MB

    • MD5

      0872941a4940fa105c8e6042a3e14890

    • SHA1

      63e37957d4d199adb9a7533826ec3ea723de49ef

    • SHA256

      0202e3022c334f9680740f289f462dde6dd3402a4fbd0098d631353270e0d0f9

    • SHA512

      24d5ccd301b416d9ecd01668ae493a7f2d6444b3d4affe6abeb0d2cab57e17bccefc7a4756b1544bf45b4e091b0f6d6010087d1450657ec1c2e95e805ab1d8d7

    • SSDEEP

      49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StYCJHZ:oemTLkNdfE0pZrwA

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks