General

  • Target

    0ead686ab1545e20f9773d6d9b37d040N.exe

  • Size

    1.7MB

  • Sample

    240825-yfenys1enh

  • MD5

    0ead686ab1545e20f9773d6d9b37d040

  • SHA1

    49845481c747043185d2005eb68105da611094fa

  • SHA256

    c4a9afc35e878113aa73d22c2321f1af0c85df855aaf5bf044e24206b324a8de

  • SHA512

    a0406a181988321a212bdf79a816e1b687814bae73582f5e2aef4d7a35d40529ad2930417aae84c4f21166e7cde275045dc3fbec4c82ba107a6361c851dbd477

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWq:RWWBibyj

Targets

    • Target

      0ead686ab1545e20f9773d6d9b37d040N.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
