General

  • Target

    0945c19fec7c87e5870c3b1abefb75158578f95c2e0bc366fe89841b7ce2e3ab

  • Size

    1.9MB

  • Sample

    240817-xbn66atcql

  • MD5

    b1c9f9bb0be10c2edf187389b8cf883e

  • SHA1

    6bc287783709f5b896d43c2fe0700643fe4a1926

  • SHA256

    0945c19fec7c87e5870c3b1abefb75158578f95c2e0bc366fe89841b7ce2e3ab

  • SHA512

    ab443a8e9b19e3bc50da0d6a9d650c15515cd5243a762d75dfbc7c7233176d39f40f3a21947281f7f96208e96e341c458968320da73f8fee2b6f30b797a9c4f1

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYxrM:GemTLkNdfE0pZaQu

Targets

    • Target

      0945c19fec7c87e5870c3b1abefb75158578f95c2e0bc366fe89841b7ce2e3ab

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
