SecuriteInfo.com.Trojan.Siggen13.7926.26442.26251

General

Target: SecuriteInfo.com.Trojan.Siggen13.7926.26442.26251
Size: 1MB
Sample: 210413-t9r2lmmx5a
Score: 10/10
MD5: 0e5a32151bc2d235ca8b57bfd1684f6e
SHA1: db048b176a6f99934f13d1bac90a7918600a0f23
SHA256: 3693a93f4ddbfa1eb9207e06cf87041b59b9b1ddfd866e6fbbbb52aaeae7ed83
SHA512: caaaf144653fb6295c53c47c4f91b52038c662aa50931dbdd78c7e2ca7da86ccf90022b47cf0db213f00fb70abcf622ecca9e9901628bad6d029149b97eeb732


Signatures

  • StormKitty

    Description

    StormKitty is an open source info stealer written in C#.

  • StormKitty Payload

  • Loads dropped DLL

  • Reads local data of messenger clients

    Description

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    TTPs: Data from Local System; Credentials in Files

  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: 1/10
behavioral1: 10/10
behavioral2: 7/10