General

  • Target

    d571d20baf445397b9d40d3b066dd1f0N.exe

  • Size

    1.7MB

  • Sample

    240829-jc985asbnl

  • MD5

    d571d20baf445397b9d40d3b066dd1f0

  • SHA1

    f7090e84f1f42a5ab8451b9c4b96919505868524

  • SHA256

    a26325ac1189080c4122450e3fc159be420e4bf5949bcc986bfb90f17b08566b

  • SHA512

    51dd92320a78d49e5f5f4728ccc42b39c06140728e77372ff5ae012cac8c968534aecf66c03c884ede78dbb3d2d2b1a0c21fe5df82ee9900e15d5e8e406b5b4d

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWK:RWWBibyp

Targets

    • Target

      d571d20baf445397b9d40d3b066dd1f0N.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
