General

  • Target

    eeb65b5b1df99779a949cd09a466f030N.exe

  • Size

    1.4MB

  • Sample

    240813-btceessblk

  • MD5

    eeb65b5b1df99779a949cd09a466f030

  • SHA1

    16d4fb88b509b422144d0665cddac581f87a5db3

  • SHA256

    d6ee9a78959aabc5872793dbb1bc06481a28b15fa0b9cb1c9c241e439e6801f4

  • SHA512

    855fcdc07c45de8932b43b4c894a1545d0c81b3f3ac51b61faee3cdd26400009725c95dd329366f7b18fe078297c235c440ae14945421e0acd4facc575ab19cf

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCCCqU:ROdWCCi7/raZ5aIwC+Agr6SNasrsFCZv

Targets

    • Target

      eeb65b5b1df99779a949cd09a466f030N.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
