Overview

overview

10

Static

static

10

f412b92737...0N.exe

windows7-x64

10

f412b92737...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f412b9273701972305f84f12e2148480N.exe

  • Size

    1.7MB

  • Sample

    240904-j25pyawgrn

  • MD5

    f412b9273701972305f84f12e2148480

  • SHA1

    412b220e5c491b74b69278f4c275864d93525c89

  • SHA256

    58e2e3361e7c9714620f0fca3f7246e2309a4a7f2289e720dd6ae884c1b2355c

  • SHA512

    c0cc307721d012aae5dab2c09c23c5a2451b7185c8ba9a5f2ba1ca6bbfff9fd0df21ec34df5e30aaade6b16237d9586b820f45b58c2c946e9f9a92378be6898d

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWJ:RWWBibyi

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      f412b9273701972305f84f12e2148480N.exe

    • Size

      1.7MB

    • MD5

      f412b9273701972305f84f12e2148480

    • SHA1

      412b220e5c491b74b69278f4c275864d93525c89

    • SHA256

      58e2e3361e7c9714620f0fca3f7246e2309a4a7f2289e720dd6ae884c1b2355c

    • SHA512

      c0cc307721d012aae5dab2c09c23c5a2451b7185c8ba9a5f2ba1ca6bbfff9fd0df21ec34df5e30aaade6b16237d9586b820f45b58c2c946e9f9a92378be6898d

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6St1lOqq+jCpLWJ:RWWBibyi

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks