General

  • Target

    424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4.exe

  • Size

    1.5MB

  • Sample

    240705-j9gm3svfkq

  • MD5

    f65a2304c1dfd5db1c0dd85dc7995d80

  • SHA1

    fe1e9242eb29881f468455378a228147b9d6c978

  • SHA256

    424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4

  • SHA512

    b43042aab5122a2dfa100a69ea1fc21541cfcb7ee4369dcbd434751236d879b3af78b471fe19d1da4e819c5acb117b7b618e723e2db2736fe62d3d98284d30be

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZGGhci:ROdWCCi7/raZ5aIwC+Agr6StYCTi

Malware Config

Targets

    • Target

      424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4.exe

    • Size

      1.5MB

    • MD5

      f65a2304c1dfd5db1c0dd85dc7995d80

    • SHA1

      fe1e9242eb29881f468455378a228147b9d6c978

    • SHA256

      424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4

    • SHA512

      b43042aab5122a2dfa100a69ea1fc21541cfcb7ee4369dcbd434751236d879b3af78b471fe19d1da4e819c5acb117b7b618e723e2db2736fe62d3d98284d30be

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZGGhci:ROdWCCi7/raZ5aIwC+Agr6StYCTi

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks