General

  • Target

    011d68066db54c8086850cc6266249b0N.exe

  • Size

    1.6MB

  • Sample

    240825-sk54tascql

  • MD5

    011d68066db54c8086850cc6266249b0

  • SHA1

    0233dd5f1a5b6a3482185f3545a38885fb90f528

  • SHA256

    222e3694e6358fc9b93881f5d247d9eedf0d0a4c5cc9a1954ed03059ab72f108

  • SHA512

    a9c92edc944bde5fd866d6c0031c8f858c40956930ea26e45cb9cfbcc3b879743ceb14fc060d3c882c96f171bbdbceb15f2698c3e90b3ca81202637b1a23f810

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SNasrsQm7BZt:RWWBiby1

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
