General

  • Target

    b8ae340b1197beff311c0375ce97e6d0N.exe

  • Size

    1.6MB

  • Sample

    240824-t4ml9ayhlh

  • MD5

    b8ae340b1197beff311c0375ce97e6d0

  • SHA1

    dfc906e1010e5a68600bdfe50b46ffc646bc8409

  • SHA256

    20b6f4ead4efcc267a7e01ae0f17b8f0faa2178986d4d9e0d506aec97da6a8bb

  • SHA512

    ea3137c2da29b097fb99e153c75bc26dba9b1ce3e421772f7e616b8b4f477bff9e8d325450e17fdde173e67e031e875867c529c52b849549de8822f57289bb81

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SNasrsQm7BZ8:RWWBibyE

Malware Config

Targets

    • Target

      b8ae340b1197beff311c0375ce97e6d0N.exe

    • Size

      1.6MB

    • MD5

      b8ae340b1197beff311c0375ce97e6d0

    • SHA1

      dfc906e1010e5a68600bdfe50b46ffc646bc8409

    • SHA256

      20b6f4ead4efcc267a7e01ae0f17b8f0faa2178986d4d9e0d506aec97da6a8bb

    • SHA512

      ea3137c2da29b097fb99e153c75bc26dba9b1ce3e421772f7e616b8b4f477bff9e8d325450e17fdde173e67e031e875867c529c52b849549de8822f57289bb81

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6SNasrsQm7BZ8:RWWBibyE

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks