General

  • Target

    20b31e49afe070ec5371bc1a8e7a0199750e617dbe56b0d2a2f19b8f16a80908.exe

  • Size

    2.3MB

  • Sample

    240705-arablsxfnl

  • MD5

    ca30d9cfd5c64efebf36572ad95b7dd0

  • SHA1

    a26478e6a39d8b9f6040c0e3cb02c1ddc483e36e

  • SHA256

    20b31e49afe070ec5371bc1a8e7a0199750e617dbe56b0d2a2f19b8f16a80908

  • SHA512

    5ff5175633fcdc744ac72278af1eeb283e44e4e0a4f948bd709fb2369eed140a146a200ec1013c6a57a399cf36b3ac701c034537e31a23fb680d0725ee981e60

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNvFMs+L:BemTLkNdfE0pZrwL

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
