General

  • Target

    f9b9f848886822b570084139aa058620N.exe

  • Size

    1.7MB

  • MD5

    f9b9f848886822b570084139aa058620

  • SHA1

    e065e6f8b05f27c7eff1c0751ae5be9d3bf48000

  • SHA256

    e095bf2092273676bf5d87823963160b9197c79890f367a9c2774a71a33e7d27

  • SHA512

    e9f481ce92b7d0258f511770f556e75bbd94d6d77db28defd152528adc68f4211e223e0886970943ab6db52b9a1f58e6cd1eb350a864ea3c2f66f40fa28ad120

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWY:RWWBiby1

Score
10/10

Malware Config

Signatures

  • KPOT Core Executable 1 IoCs
  • Kpot family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • f9b9f848886822b570084139aa058620N.exe
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

