General

  • Target

    3f87e8a26201be20b4378afb0dff06a32792bad05f4c7621254f583643d308e8.exe

  • Size

    2.3MB

  • Sample

    240705-gr8bzatdpr

  • MD5

    a989b4d180576f9c2903ec043fb391a0

  • SHA1

    6448fc43689c665fb8dbe124725fa7aa909090a5

  • SHA256

    3f87e8a26201be20b4378afb0dff06a32792bad05f4c7621254f583643d308e8

  • SHA512

    20fc57859f34da5053f918f6cd27db170e0d3b2bd75eec8495778390cde4846666f5c56d6c28b53bcbcf3bef6c114428035f2eadf54294c163b1b006fe2a3b3e

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNvFMs+Wjdm:BemTLkNdfE0pZrwl

Targets

    • Target

      3f87e8a26201be20b4378afb0dff06a32792bad05f4c7621254f583643d308e8.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
