General

  • Target

    0dd06c43e609ff1f7d422c7a534aa7b0N.exe

  • Size

    1.9MB

  • Sample

    240901-fqfd5asepd

  • MD5

    0dd06c43e609ff1f7d422c7a534aa7b0

  • SHA1

    bcec2b1ef5f692a436fe47e9e07968a36bc92344

  • SHA256

    96f07e0c59892a984c5e39f8c7159c3ecb9880d555ccaa79c6d236cc436bcaa6

  • SHA512

    4f1ee83e7035f93120207fe748dc3e13e4629d3944adec2459bd538117373beca005dcfc1f5209c5102af6d5788bbc5434b2b9635a83f9507942d394750544a5

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6S/FpJdstm:oemTLkNdfE0pZrwM

Malware Config

Targets

    • Target

      0dd06c43e609ff1f7d422c7a534aa7b0N.exe

    • Size

      1.9MB

    • MD5

      0dd06c43e609ff1f7d422c7a534aa7b0

    • SHA1

      bcec2b1ef5f692a436fe47e9e07968a36bc92344

    • SHA256

      96f07e0c59892a984c5e39f8c7159c3ecb9880d555ccaa79c6d236cc436bcaa6

    • SHA512

      4f1ee83e7035f93120207fe748dc3e13e4629d3944adec2459bd538117373beca005dcfc1f5209c5102af6d5788bbc5434b2b9635a83f9507942d394750544a5

    • SSDEEP

      49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6S/FpJdstm:oemTLkNdfE0pZrwM

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks