General

  • Target

    dfe634162a816a1be04eec44576f05c0N.exe

  • Size

    1.4MB

  • Sample

    240813-nks22a1bjf

  • MD5

    dfe634162a816a1be04eec44576f05c0

  • SHA1

    5f590459f16437ed7902512222d7d1e411081eba

  • SHA256

    27004a27cf6a97420bef0128f59a9e6690328e9517f2d88f06e9aecbc6521b1c

  • SHA512

    92811077fd021dc1d70d5c9cbd1d3f90c5da658b9596f961346ddc67dda4c6c2db8ce7575863ed73537e025433256bcc0ca726cd84145d21ca50c8f25103df0d

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCCCqx:ROdWCCi7/raZ5aIwC+Agr6SNasrsFCZa

Malware Config

Targets

    • Target

      dfe634162a816a1be04eec44576f05c0N.exe

    • Size

      1.4MB

    • MD5

      dfe634162a816a1be04eec44576f05c0

    • SHA1

      5f590459f16437ed7902512222d7d1e411081eba

    • SHA256

      27004a27cf6a97420bef0128f59a9e6690328e9517f2d88f06e9aecbc6521b1c

    • SHA512

      92811077fd021dc1d70d5c9cbd1d3f90c5da658b9596f961346ddc67dda4c6c2db8ce7575863ed73537e025433256bcc0ca726cd84145d21ca50c8f25103df0d

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCCCqx:ROdWCCi7/raZ5aIwC+Agr6SNasrsFCZa

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks