General

  • Target

    3a1a46f831624bd4cad631cad64b2860N.exe

  • Size

    1.1MB

  • MD5

    3a1a46f831624bd4cad631cad64b2860

  • SHA1

    2883aa57467989be7c29d58759c7c28cfdb8ff71

  • SHA256

    d206e4bb92ab524d69fcff5460447ed59f19d89fdbb4d6f6073766d373c9f292

  • SHA512

    5b843760c38aba33b25c0be77ed20178f0834a76e5b6a97a435a856a8464a3eb2240ff3f96b42a35a48b3bd9d1e948bc85864f1ef3049eddbdec1246e0378556

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQGCZLFdGm13Jaf4:ROdWCCi7/raZ5aIwC+Agr6S/FpJF

Score
10/10

Malware Config

Signatures

  • KPOT Core Executable (1 IoC)
  • Kpot family
  • XMRig Miner payload (1 IoC)
  • Xmrig family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 3a1a46f831624bd4cad631cad64b2860N.exe
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

