General

  • Target

    ebecd8a12b388323103de2d1625359d0N.exe

  • Size

    1.1MB

  • Sample

    240830-m6w55sscjm

  • MD5

    ebecd8a12b388323103de2d1625359d0

  • SHA1

    8998690eacd4dcc7e816a5d7711bc16dd81abfbc

  • SHA256

    a08036e20fa927eeafcc57785d291da464b3927b13825b23fca36022279b27b4

  • SHA512

    5940327a52ff7febea9f1f239483b6678d51d82f4721f4737c6f24ea99d9e63811e1eaec80251cb03f1e14781974f210529a87a97de49e8e5d981d5769de1bbe

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQt4RiWgtCvr1Po7n:ROdWCCi7/raZ5aIwC+Agr6StKIa1QD

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
