General

  • Target

    52c2840b89c1038f113ce0f51dfe2800N.exe

  • Size

    1.7MB

  • Sample

    240829-a3sbkaxajp

  • MD5

    52c2840b89c1038f113ce0f51dfe2800

  • SHA1

    77b5752183562e09cfe0fa07f323ed09edaf711a

  • SHA256

    63a7d0ccc662278ca82d425c14c60da3427988ff7ef03fba580632d479604b57

  • SHA512

    f4796cfbd618242f4d1d8e26f59d4bd47793ff4e9b47f8ac1aef4a56f0de4be8842e40f4265e777d7f17bd268eac9312a2b5fd908870140c9ae65969aa7a29ae

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWgf:RWWBibyh

Malware Config

Targets

    • Target

      52c2840b89c1038f113ce0f51dfe2800N.exe

    • Size

      1.7MB

    • MD5

      52c2840b89c1038f113ce0f51dfe2800

    • SHA1

      77b5752183562e09cfe0fa07f323ed09edaf711a

    • SHA256

      63a7d0ccc662278ca82d425c14c60da3427988ff7ef03fba580632d479604b57

    • SHA512

      f4796cfbd618242f4d1d8e26f59d4bd47793ff4e9b47f8ac1aef4a56f0de4be8842e40f4265e777d7f17bd268eac9312a2b5fd908870140c9ae65969aa7a29ae

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWgf:RWWBibyh

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks