General

  • Target

    0458e53d489353996f36917e55e3d750N.exe

  • Size

    2.3MB

  • Sample

    240901-d1pz7s1ara

  • MD5

    0458e53d489353996f36917e55e3d750

  • SHA1

    970a21b41677aacc869cafafc21c76518b9f75e8

  • SHA256

    ba7d8b13193b29a9f16e377a85989b84f00f6e6eb23f3afec49faa02d80afc40

  • SHA512

    a7020dafa850c0dadd354ff37627625aa3774de4e9673f1acd64e1003179e4067c8dd7adb3c939eb822930bfb4dc6486b3c398bdcfbaed950c1e7fe97e2c8a48

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNasrsQm7BZg/m:oemTLkNdfE0pZrwv

Targets

    • Target

      0458e53d489353996f36917e55e3d750N.exe

    • Size

      2.3MB

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
