General

  • Target

    ef4297f9191638bf2433b849f8dcf1d0N

  • Size

    1.6MB

  • Sample

    240826-njm5dssekm

  • MD5

    ef4297f9191638bf2433b849f8dcf1d0

  • SHA1

    da1d91e4503efc5a20dd73f4384b43515306a5b0

  • SHA256

    922238ab623609163bd3f534c9e01a4b699ad0b85f61210e7ef906cb6b56e89e

  • SHA512

    48d3b590bd4adaff3cf5d0a031f72be7aad3de3dd5ac901b15a65f474a2c0f4b0783952576f46763e42ed460b1bd9b984f1cc1333a3b91a872ce4d638619ed96

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6StVEnmcKxYKKIe:RWWBibyt

Targets

    • Target

      ef4297f9191638bf2433b849f8dcf1d0N

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
