General

  • Target

    21e36dd6aba997b766d7a8a971347ad0N.exe

  • Size

    1.9MB

  • Sample

    240831-zwzjqsvhjp

  • MD5

    21e36dd6aba997b766d7a8a971347ad0

  • SHA1

    f5210879fc8f0416204ded08297236d66c1c305e

  • SHA256

    a479ed488cd10687ab695256a4bb34d090a91dc1610e585344f23604806edd71

  • SHA512

    0c9ad39b6622dd8bdd8ac3bad0d4c021b3dd3fe8574f9757e4e9d8e3000cf44a1c9ea0a3bb5a5c412eb855868beb1d7fa15c6cc907c61d56c582a6510765c781

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYxV:GemTLkNdfE0pZaQP

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
