General

  • Target

    166d94ad79c646d632127e0a349b245fd8799a6103c0ad06910ac40b5088a716

  • Size

    2.4MB

  • Sample

    240707-xxbsysygrd

  • MD5

    afd194728ec83bdff4eaf378e49b8576

  • SHA1

    7460a2f4d9db32d173edcef6f38662384f553261

  • SHA256

    166d94ad79c646d632127e0a349b245fd8799a6103c0ad06910ac40b5088a716

  • SHA512

    695c39c2a230fa565a0444275ef6b9f3a13275e3bc9dfaf88629bf7306dd7ede6a0d8cc73494bdd3aa50fe9b151728a2322333ad7b5b73d7302af2dc9f83e6a8

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcKrwwyGwSw3Z:BemTLkNdfE0pZrwF

Malware Config

Targets

    • Target

      166d94ad79c646d632127e0a349b245fd8799a6103c0ad06910ac40b5088a716

    • Size

      2.4MB

    • MD5

      afd194728ec83bdff4eaf378e49b8576

    • SHA1

      7460a2f4d9db32d173edcef6f38662384f553261

    • SHA256

      166d94ad79c646d632127e0a349b245fd8799a6103c0ad06910ac40b5088a716

    • SHA512

      695c39c2a230fa565a0444275ef6b9f3a13275e3bc9dfaf88629bf7306dd7ede6a0d8cc73494bdd3aa50fe9b151728a2322333ad7b5b73d7302af2dc9f83e6a8

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcKrwwyGwSw3Z:BemTLkNdfE0pZrwF

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks