General

  • Target

    d9782bb46b568986911658069474e765_JaffaCakes118

  • Size

    236KB

  • Sample

    240911-c4b23syaqj

  • MD5

    d9782bb46b568986911658069474e765

  • SHA1

    4d3876e69c1faac5bb3300c9e16a52bc586de1d6

  • SHA256

    42dd1417b850c9e1386967d24800ca3181bee0079b91a4a4b5f100d8ff3931bf

  • SHA512

    5870b6796ade6ba4fc6e1920bfcd4dd8f730c5576e7775950f1f87cc5de9595173173e5371a590065985ab6ef6becbc38c19c3c149e3dbef69dab670b4980fcb

  • SSDEEP

    6144:x8JZePQyLYAOpwjNN1LuFNGnepuIHcWTA/lJtC:xCZeFDMwRLuFYsHxilJ

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself
