General

  • Target

    92dc298e7d5493b8f1412a329e4d4060N

  • Size

    1.4MB

  • MD5

    92dc298e7d5493b8f1412a329e4d4060

  • SHA1

    751ebef1e86ac98423ad7756ecbdaef34c933005

  • SHA256

    95a7b6e3ed9be59fe04817050d1c16c82fc214998fff66e66456bab6039ea065

  • SHA512

    361d55f2a6b3fbe161f9a05384f15e98c1ceb04b93bd970a260de5c4cc7af22cb9dc561974b4692721223a4e24e4f0e6aa7f256b9408b1b5e54a9cf9ab7b3da5

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSTsU9+s8juCCR/:ROdWCCi7/raZ5aIwC+Agr6SNasrsFCk

Score
10/10

Malware Config

Signatures

  • KPOT Core Executable (1 IoC)
  • Kpot family
  • XMRig Miner payload (1 IoC)
  • Xmrig family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 92dc298e7d5493b8f1412a329e4d4060N
    .exe windows:6 windows x64 arch:x64

  • out.upx
    .exe windows:6 windows x64 arch:x64