General

  • Target

    b65810ebb78b51a1090d085f0e122f60N.exe

  • Size

    1.5MB

  • Sample

    240805-vwdj2swgle

  • MD5

    b65810ebb78b51a1090d085f0e122f60

  • SHA1

    ad9af0df4240c3c8e228ca32ea4cf3469feb3038

  • SHA256

    ffc8c6093a5008d515a9e429bddc6e0e1b64e3f25befc05cfbbb3c5520dbbd82

  • SHA512

    ee73b6adebb9d4f84e8b70d1562f76d04d059663bf2dc13cbe5dc9f5259163dd52499e193b7e3ae68e266a4003891da409fc4a414bda0a9cc4450b86815b9863

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCC6R6HTA:ROdWCCi7/raZ5aIwC+Agr6SNasrsFC4M

Malware Config

Targets

    • Target

      b65810ebb78b51a1090d085f0e122f60N.exe

    • Size

      1.5MB

    • MD5

      b65810ebb78b51a1090d085f0e122f60

    • SHA1

      ad9af0df4240c3c8e228ca32ea4cf3469feb3038

    • SHA256

      ffc8c6093a5008d515a9e429bddc6e0e1b64e3f25befc05cfbbb3c5520dbbd82

    • SHA512

      ee73b6adebb9d4f84e8b70d1562f76d04d059663bf2dc13cbe5dc9f5259163dd52499e193b7e3ae68e266a4003891da409fc4a414bda0a9cc4450b86815b9863

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCC6R6HTA:ROdWCCi7/raZ5aIwC+Agr6SNasrsFC4M

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks