kpot | 424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4 | Triage

Submit
Reports

Overview

overview

Static

static

424e31e287...a4.exe

windows7-x64

424e31e287...a4.exe

windows10-2004-x64

Sharing

General

Target

424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4.exe
Size

1.5MB
Sample

240705-j9gm3svfkq
MD5

f65a2304c1dfd5db1c0dd85dc7995d80
SHA1

fe1e9242eb29881f468455378a228147b9d6c978
SHA256

424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4
SHA512

b43042aab5122a2dfa100a69ea1fc21541cfcb7ee4369dcbd434751236d879b3af78b471fe19d1da4e819c5acb117b7b618e723e2db2736fe62d3d98284d30be
SSDEEP

24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZGGhci:ROdWCCi7/raZ5aIwC+Agr6StYCTi

Score

10^/10

kpot xmrig miner persistence privilege_escalation stealer trojan upx

Static task

static1

upx miner kpot xmrig

6 signatures

Behavioral task

behavioral1

Sample

424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4.exe

Resource

win7-20240508-en

kpot xmrig miner stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4.exe

Resource

win10v2004-20240704-en

kpot xmrig miner persistence privilege_escalation stealer trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4.exe
- Size
  
  1.5MB
- MD5
  
  f65a2304c1dfd5db1c0dd85dc7995d80
- SHA1
  
  fe1e9242eb29881f468455378a228147b9d6c978
- SHA256
  
  424e31e287dfe97c8adb936febfa2e9b9ca0b698059eddd8f6986a36aff1e2a4
- SHA512
  
  b43042aab5122a2dfa100a69ea1fc21541cfcb7ee4369dcbd434751236d879b3af78b471fe19d1da4e819c5acb117b7b618e723e2db2736fe62d3d98284d30be
- SSDEEP
  
  24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQtjmssdqex1hl+dZQZGGhci:ROdWCCi7/raZ5aIwC+Agr6StYCTi
Score

10^/10

kpot xmrig miner stealer trojan upx persistence privilege_escalation
- KPOT
  KPOT is an information stealer that steals user data and account credentials.
  trojan stealer kpot
- KPOT Core Executable
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

Accessibility Features

Privilege Escalation

Event Triggered Execution

Accessibility Features

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

upxminerkpotxmrig

behavioral1

kpotxmrigminerstealertrojanupx

behavioral2

kpotxmrigminerpersistenceprivilege_escalationstealertrojanupx

© 2018-2024

Terms | Privacy