General

  • Target

    27465da520921ddbceaf96d9e33288a0N.exe

  • Size

    1.7MB

  • Sample

    240901-hck4katfrm

  • MD5

    27465da520921ddbceaf96d9e33288a0

  • SHA1

    08ee56d81fd30f53f93768e986c948ed012c9e7d

  • SHA256

    bea949afad79af55e8ffca1e437817a8768107d809c9e8028afb77e2e285205b

  • SHA512

    d07283ad1d9690f3d157582afd85be9ec5b61d1fd89b61e2f5238e430e629d4aa1c9c3660fafba001ac019597c559ac952d10b630a66e73c2e35336a4bc47b34

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWI:RWWBibyd

Malware Config

Targets

    • Target

      27465da520921ddbceaf96d9e33288a0N.exe

    • Size

      1.7MB

    • MD5

      27465da520921ddbceaf96d9e33288a0

    • SHA1

      08ee56d81fd30f53f93768e986c948ed012c9e7d

    • SHA256

      bea949afad79af55e8ffca1e437817a8768107d809c9e8028afb77e2e285205b

    • SHA512

      d07283ad1d9690f3d157582afd85be9ec5b61d1fd89b61e2f5238e430e629d4aa1c9c3660fafba001ac019597c559ac952d10b630a66e73c2e35336a4bc47b34

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWI:RWWBibyd

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks