General

  • Target

    3bbda4a44d5416394724d568a5cdcedfd7e05d236dd5c0917070bc9795516814.exe

  • Size

    531KB

  • Sample

    241214-xsnxqa1mhs

  • MD5

    7083f90ec97477ac0dc977324bba3ec8

  • SHA1

    003402d622f48f10c5f3521244be458619e8d49b

  • SHA256

    3bbda4a44d5416394724d568a5cdcedfd7e05d236dd5c0917070bc9795516814

  • SHA512

    7ea07933377c2a7651547889decf558dc4243e2b4e4c3e41b374ec2e9bd6d25f2e1109b579b51696cc9f3127ab458f5050917fed1c673df6ccd299fad0089f4c

  • SSDEEP

    6144:jbgH72UMexaE7qzXi41IpGP2Uxf1SOXUqcAgJo6VVTsGP7J2DMABQ7lOMPJ3Q:jbgH72lWaEcXi4GcxzRr7

Malware Config

Targets

    • Target

      3bbda4a44d5416394724d568a5cdcedfd7e05d236dd5c0917070bc9795516814.exe

    • Size

      531KB

    • MD5

      7083f90ec97477ac0dc977324bba3ec8

    • SHA1

      003402d622f48f10c5f3521244be458619e8d49b

    • SHA256

      3bbda4a44d5416394724d568a5cdcedfd7e05d236dd5c0917070bc9795516814

    • SHA512

      7ea07933377c2a7651547889decf558dc4243e2b4e4c3e41b374ec2e9bd6d25f2e1109b579b51696cc9f3127ab458f5050917fed1c673df6ccd299fad0089f4c

    • SSDEEP

      6144:jbgH72UMexaE7qzXi41IpGP2Uxf1SOXUqcAgJo6VVTsGP7J2DMABQ7lOMPJ3Q:jbgH72lWaEcXi4GcxzRr7

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Kpot family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

MITRE ATT&CK Enterprise v15

Tasks