General

  • Target

    5db8bf3d529d29b06a6e53363bed03f0N.exe

  • Size

    1.1MB

  • Sample

    240807-ef9dsazgqr

  • MD5

    5db8bf3d529d29b06a6e53363bed03f0

  • SHA1

    02fe197cb0336288ef444bf26e873ddb81489b43

  • SHA256

    9b9e80df593d24044dc8b6ade2f7bdd2ac328874b1e8439a2511c1007e65b888

  • SHA512

    13693fdcced7bdeae6bed31dda50f3ef111c78baa5ea295ca5130f9a3aaeb363a4d76d23e1dfabc268a12017b036312fe219ac80ab9f75b4121261547e34303d

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQGCZLFdGm13JIy:ROdWCCi7/raZ5aIwC+Agr6S/FpJX

Targets

    • Target

      5db8bf3d529d29b06a6e53363bed03f0N.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
