General

  • Target

    71299d0570622e09121d6e176d888014cdd386c8dbed7b847ffec7d212ee23f0

  • Size

    1.5MB

  • Sample

    240818-15ndhaxeqe

  • MD5

    cce945ca040eb68446c06f18d84ba1a9

  • SHA1

    9d02f45cc258a3ec54b4c789996835230b221511

  • SHA256

    71299d0570622e09121d6e176d888014cdd386c8dbed7b847ffec7d212ee23f0

  • SHA512

    8202e0054b95342a36051ee9e98cc3454b013b4d74529d2f68feb65a7a01c01967c2ba2f0f1e966e1d9e0b72f568f38c80cad631cf1e4d8fdca81212ee20445f

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SNasrsFC4z7:RWWBibyH

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
