General

  • Target

    011d68066db54c8086850cc6266249b0N.exe

  • Size

    1.6MB

  • MD5

    011d68066db54c8086850cc6266249b0

  • SHA1

    0233dd5f1a5b6a3482185f3545a38885fb90f528

  • SHA256

    222e3694e6358fc9b93881f5d247d9eedf0d0a4c5cc9a1954ed03059ab72f108

  • SHA512

    a9c92edc944bde5fd866d6c0031c8f858c40956930ea26e45cb9cfbcc3b879743ceb14fc060d3c882c96f171bbdbceb15f2698c3e90b3ca81202637b1a23f810

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SNasrsQm7BZt:RWWBiby1

Score
10/10

Signatures

  • KPOT Core Executable 1 IoCs
  • Kpot family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 011d68066db54c8086850cc6266249b0N.exe
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

