General

  • Target

    dcf627d2b8c8eeacd9405d22d2ebfcc5d9d2c0fd38982b3fccf73a70e9b2b251

  • Size

    1.6MB

  • Sample

    240731-ggjkvszajn

  • MD5

    28b52804fed809654ba48323547348ff

  • SHA1

    4a16816232a45ff493e1338b5b4f16478b42116a

  • SHA256

    dcf627d2b8c8eeacd9405d22d2ebfcc5d9d2c0fd38982b3fccf73a70e9b2b251

  • SHA512

    b9da2c789ffe5f7d7a75306a43704be6ce333422aa511c814092b6e0eedf20a21b3dd5f077c1d63a7166134b211efbc221eecca3ec0d846c975004bd4a0294cc

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SGp:BemTLkNdfE0pZrwZ

Malware Config

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX (or a modified UPX) open-source packer.

MITRE ATT&CK Matrix

Tasks