Overview

overview

10

Static

static

10

21316c9808...0N.exe

windows7-x64

10

21316c9808...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21316c9808d9c43fa007473c76258890N.exe

  • Size

    2.0MB

  • Sample

    240902-frwshatcqd

  • MD5

    21316c9808d9c43fa007473c76258890

  • SHA1

    f57471b9ed8032921baa4e55f97fc8971121b260

  • SHA256

    64aade2e5ea8a8f36ecf2a1a37dad561de09206102798f2b19eeefa2b3115050

  • SHA512

    cfd89d3ce2bfabb11381c0dbbcdca1099d72db3b37a84e9c5dbfa0b644f35711f4f934102ce063bc7649ef5c97f674eda014e3bf88ea47e7a5f761c2f733d80f

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6S/FpJds5F:oemTLkNdfE0pZrwn

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      21316c9808d9c43fa007473c76258890N.exe

    • Size

      2.0MB

    • MD5

      21316c9808d9c43fa007473c76258890

    • SHA1

      f57471b9ed8032921baa4e55f97fc8971121b260

    • SHA256

      64aade2e5ea8a8f36ecf2a1a37dad561de09206102798f2b19eeefa2b3115050

    • SHA512

      cfd89d3ce2bfabb11381c0dbbcdca1099d72db3b37a84e9c5dbfa0b644f35711f4f934102ce063bc7649ef5c97f674eda014e3bf88ea47e7a5f761c2f733d80f

    • SSDEEP

      49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6S/FpJds5F:oemTLkNdfE0pZrwn

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks