General

  • Target

    b58b5966e7c70f7a5d231ec13a04b900N.exe

  • Size

    1.5MB

  • Sample

    240823-2bbchssekm

  • MD5

    b58b5966e7c70f7a5d231ec13a04b900

  • SHA1

    a0ba85df1baebae552aa95a5bf2dfe8fcb575e52

  • SHA256

    8919425742e6ae9c33637d8019494ae1e774924d9d4e256adeeb30a1baed1328

  • SHA512

    b65c0b4e4617e002edde0bd6cdc336192931715225703343d85007bb18ccdb521fc6fd392821ead2b2edea38aa83cedddc4a99f4b8d9b00a303b166cb404792d

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hlrZY:ROdWCCi7/raZ5aIwC+Agr6StYw

Targets

    • Target

      b58b5966e7c70f7a5d231ec13a04b900N.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.
