Overview

overview

10

Static

static

10

94e202ca4a...0N.exe

windows7-x64

10

94e202ca4a...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94e202ca4a2455474ab3853873bfd1b0N.exe

  • Size

    1.5MB

  • Sample

    240716-kgcdbswfnb

  • MD5

    94e202ca4a2455474ab3853873bfd1b0

  • SHA1

    6422689f5e7d060179f0d6c61caac2d6032d00ae

  • SHA256

    845395c09f511a4a23b4f44c917f3c3d6b4fdb93024404c22307e4b62c6b5748

  • SHA512

    878df56342e4010f6c936350625777fa5c674293b177c6673a2698528b48aa0acfe76cd5b20202a32c93e565e3d26453b7589708cd861b9eb442e8f89ff7647a

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6StVEnmcKxYKo:RWWBibyT

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      94e202ca4a2455474ab3853873bfd1b0N.exe

    • Size

      1.5MB

    • MD5

      94e202ca4a2455474ab3853873bfd1b0

    • SHA1

      6422689f5e7d060179f0d6c61caac2d6032d00ae

    • SHA256

      845395c09f511a4a23b4f44c917f3c3d6b4fdb93024404c22307e4b62c6b5748

    • SHA512

      878df56342e4010f6c936350625777fa5c674293b177c6673a2698528b48aa0acfe76cd5b20202a32c93e565e3d26453b7589708cd861b9eb442e8f89ff7647a

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6StVEnmcKxYKo:RWWBibyT

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks