General
-
Target
00000998880.exe
-
Size
1.1MB
-
Sample
210412-b1cbwscr6s
-
MD5
b75196ccea3a4ed66a87e7a98595b27f
-
SHA1
db65efb2c2f426165479a6b9f70700d61f56b6e2
-
SHA256
7a15a21c229fd3f9a2a18f2bb13bf2845a76a3822914c751174b1aa98303b8e8
-
SHA512
2b23d1b83ecf18cc7ca5cb581691e17704f48320d43e849a527ce5079082c048a35eabb00cc40bf9fd1f207ea1f870de560b283742e8d47228666ed2aa4d49a1
Malware Config
Targets
-
-
Target
00000998880.exe
-
Size
1.1MB
-
MD5
b75196ccea3a4ed66a87e7a98595b27f
-
SHA1
db65efb2c2f426165479a6b9f70700d61f56b6e2
-
SHA256
7a15a21c229fd3f9a2a18f2bb13bf2845a76a3822914c751174b1aa98303b8e8
-
SHA512
2b23d1b83ecf18cc7ca5cb581691e17704f48320d43e849a527ce5079082c048a35eabb00cc40bf9fd1f207ea1f870de560b283742e8d47228666ed2aa4d49a1
Score10/10-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty Payload
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Suspicious use of SetThreadContext
-