General

  • Target

    c5037bd17597d5e22baaf7c5d2b0a5f0N.exe

  • Size

    1.9MB

  • Sample

    240831-2m3k5szckj

  • MD5

    c5037bd17597d5e22baaf7c5d2b0a5f0

  • SHA1

    f92672331004c1a7d41477a91e9eb222966d90c7

  • SHA256

    66793370e0bb7ddfdb2ba8550a6fb02041fbeb9ed47535012dd80bfbefd8f1b7

  • SHA512

    1cb76b9a543b12b0a4d52bb2d70809e8752e6f7ef93ca2cd0238e78e72c411002f9c51e8e62f9f0e299fe7aade8af0339104e2c44e57d55b84d6e29196cdbd8f

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6S/FpJdJY:oemTLkNdfE0pZrwv

Targets

    • Target

      c5037bd17597d5e22baaf7c5d2b0a5f0N.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
