General

  • Target

    f9b9f848886822b570084139aa058620N.exe

  • Size

    1.7MB

  • Sample

    240825-fams9swgqr

  • MD5

    f9b9f848886822b570084139aa058620

  • SHA1

    e065e6f8b05f27c7eff1c0751ae5be9d3bf48000

  • SHA256

    e095bf2092273676bf5d87823963160b9197c79890f367a9c2774a71a33e7d27

  • SHA512

    e9f481ce92b7d0258f511770f556e75bbd94d6d77db28defd152528adc68f4211e223e0886970943ab6db52b9a1f58e6cd1eb350a864ea3c2f66f40fa28ad120

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWY:RWWBiby1

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
