General

  • Target

    e39a453f3254cb21cf5e44b5ca8d7760N.exe

  • Size

    1.5MB

  • Sample

    240804-gnb5csxhqk

  • MD5

    e39a453f3254cb21cf5e44b5ca8d7760

  • SHA1

    5f1d1d1deb86b149b1399c16649f242a698f31ba

  • SHA256

    c7b1f3e9df28c8d75533bb5b6bdd815f546cf234da9c5d254de1eaf11bf413b1

  • SHA512

    f7c84407f026a462bad9c0c1ea37aa52b948b13148ecf33d158679b1956b583f13b122b34d5fd13692c4ba6ac2885f1650757d2c0beda8b97d70b87b596e139e

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6StVEnmcKxYKxa:RWWBiby1

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
