General

  • Target

    d692e3f865642373f6844d79e1c58420N.exe

  • Size

    1.9MB

  • Sample

    240907-epaxksvalh

  • MD5

    d692e3f865642373f6844d79e1c58420

  • SHA1

    75c148eb888804f822b305ffb7768c84b6b9e13c

  • SHA256

    381e704f81cba5159ac73d5018250b07ec4053025c15e0b03aa0100eac454bd7

  • SHA512

    9760e3aed2f199a1f702a52a959f4c46f1fc3c4c13c0db7de6c5c51272ec5bb37812cbf9db93dd30f74ec7ec25803995c6e5e0f776fe94a86e2aa33a3475d0bb

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StPMVIex:BemTLkNdfE0pZrwz

Malware Config

Targets

    • Target

      d692e3f865642373f6844d79e1c58420N.exe

    • Size

      1.9MB

    • MD5

      d692e3f865642373f6844d79e1c58420

    • SHA1

      75c148eb888804f822b305ffb7768c84b6b9e13c

    • SHA256

      381e704f81cba5159ac73d5018250b07ec4053025c15e0b03aa0100eac454bd7

    • SHA512

      9760e3aed2f199a1f702a52a959f4c46f1fc3c4c13c0db7de6c5c51272ec5bb37812cbf9db93dd30f74ec7ec25803995c6e5e0f776fe94a86e2aa33a3475d0bb

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StPMVIex:BemTLkNdfE0pZrwz

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks