General

  • Target

    24ae813bf13b27a941d2acd3de9fd300N.exe

  • Size

    1.6MB

  • Sample

    240825-h75rfssdld

  • MD5

    24ae813bf13b27a941d2acd3de9fd300

  • SHA1

    3d9ece3273a51c6c321ea8e48df029ab7dda6d75

  • SHA256

    b2e98b5a9e4dcd83de034e1882782f905b5504d705fba336f58ed7ac79d1f762

  • SHA512

    01ac088428e2b98b311cc344617109755f315c858c34f411989b46af5ddbc62ee069e0055e6706d21d4d0eac9b46b4ec743edeb198152aa939d3adc3a82607f2

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SNasrsQm7BZ5x:RWWBibyb

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
