General

  • Target

    dd11e3c472c85504bf1064065c49e030N.exe

  • Size

    1.9MB

  • Sample

    240901-ss2rcsvbmn

  • MD5

    dd11e3c472c85504bf1064065c49e030

  • SHA1

    fa9d80539ba0131d6105a5c342771da9de122220

  • SHA256

    d2d24ed5c41838254a02913a0608dce60efbd7442a4d22d888fe6155fc6bdc70

  • SHA512

    3bb7e4aed2cc3ad6e49f7f805b1294cd738dc7a435397f648b2b2b88838057f090dca2b9ec78301c2ba89dd426af4e92dd04ad900fdae15bae02a6bbc5a85275

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6S/FpJdQ:oemTLkNdfE0pZrwL

Malware Config

Targets

    • Target

      dd11e3c472c85504bf1064065c49e030N.exe

    • Size

      1.9MB

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks