General

  • Target

    cd235bd93c8c28001d8f8dceeafe50c0N.exe

  • Size

    1.9MB

  • Sample

    240901-lys8vaxejq

  • MD5

    cd235bd93c8c28001d8f8dceeafe50c0

  • SHA1

    e3d7b385918a242adcd7b74a5b27c3b43c09af88

  • SHA256

    ab636c3bc1bd82feaaaef65e4a4bd38ee296f29ac507f900b65a1b737f3bbfdf

  • SHA512

    71fb8a9f75ee3dec3405d376f77eaace4f509f0229c2f559f9b3df4a5240bc0fc0a77acbb2a3c29d1a71e8ce1a64a371cc637ed2d72c4011d30e29f21882be2d

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StPMVIeJ:BemTLkNdfE0pZrwT

Malware Config

Targets

    • Target

      cd235bd93c8c28001d8f8dceeafe50c0N.exe

    • Size

      1.9MB

    • MD5

      cd235bd93c8c28001d8f8dceeafe50c0

    • SHA1

      e3d7b385918a242adcd7b74a5b27c3b43c09af88

    • SHA256

      ab636c3bc1bd82feaaaef65e4a4bd38ee296f29ac507f900b65a1b737f3bbfdf

    • SHA512

      71fb8a9f75ee3dec3405d376f77eaace4f509f0229c2f559f9b3df4a5240bc0fc0a77acbb2a3c29d1a71e8ce1a64a371cc637ed2d72c4011d30e29f21882be2d

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StPMVIeJ:BemTLkNdfE0pZrwT

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks