Overview

overview

10

Static

static

10

e191b90628...0N.exe

windows7-x64

10

e191b90628...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e191b906282738a4e0173fb75c71e830N.exe

  • Size

    1.4MB

  • Sample

    240725-tx31na1dqp

  • MD5

    e191b906282738a4e0173fb75c71e830

  • SHA1

    5385ff3e2157e49c149d4a0659c9234371241cc3

  • SHA256

    89f412bc0062da8c743819681aeb4618556ec45eea883936802b7f9f9c863818

  • SHA512

    dc3bc481da5e0dec837cb3d0f5ad173eb43dadd085a78337202ecaae779414b3a267ba3e0105529b8a8868f89d5bebdb937be975cbdfab2c30627bbdb3946054

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCC1lRs:ROdWCCi7/raZ5aIwC+Agr6SNasrsFCCs

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      e191b906282738a4e0173fb75c71e830N.exe

    • Size

      1.4MB

    • MD5

      e191b906282738a4e0173fb75c71e830

    • SHA1

      5385ff3e2157e49c149d4a0659c9234371241cc3

    • SHA256

      89f412bc0062da8c743819681aeb4618556ec45eea883936802b7f9f9c863818

    • SHA512

      dc3bc481da5e0dec837cb3d0f5ad173eb43dadd085a78337202ecaae779414b3a267ba3e0105529b8a8868f89d5bebdb937be975cbdfab2c30627bbdb3946054

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCC1lRs:ROdWCCi7/raZ5aIwC+Agr6SNasrsFCCs

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks