General

  • Target

    d9cb73dc8c204fd3b75ca80492325490N.exe

  • Size

    1.3MB

  • Sample

    240814-hz84xatgnn

  • MD5

    d9cb73dc8c204fd3b75ca80492325490

  • SHA1

    dcf252af0293c0fea41a97bc6b8adcca68947953

  • SHA256

    d21405673634025ce818166e295803a701de8eea040456c1ef5d8b3024aafaca

  • SHA512

    a0f28f45992453d021b2ed6756a3148c6b216d0b2b790a4582fe1632cab698b3f64012405f11f36653596ad7f0618a7d9038475302455714f531fba7212e0a4f

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQt+4En+bcMAOxA5zYlU+jCcl4u:ROdWCCi7/raZ5aIwC+Agr6StVEnmcKxn

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
