General

  • Target

    ee3b9798784fffae6d0abfc691530b7841409637e30c641c1ef09a1e2fc5af0e

  • Size

    1.5MB

  • MD5

    092de62e385f7d762f6ccf788602cf3c

  • SHA1

    8cde55d1c04ea5310b3a761b49cefb3da374d256

  • SHA256

    ee3b9798784fffae6d0abfc691530b7841409637e30c641c1ef09a1e2fc5af0e

  • SHA512

    72ed534f72866990007517d11eff41f82e0767f981326aee3232922128cf09f5934079d81bc3aaf77441d10ea55885841a58109a1cd8df2f6d2f5f2ff4ce2afe

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6StVEnmcK9dFCfI:RWWBibyM

Score
10/10

Malware Config

Signatures

  • KPOT Core Executable 1 IoCs
  • Kpot family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • ee3b9798784fffae6d0abfc691530b7841409637e30c641c1ef09a1e2fc5af0e
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

