General
Target: stub.bin
Size: 561KB
Sample: 211025-r5tqvahbfk
MD5: 68260e77a8d3f9f51e06d351f9ec4a9a
SHA1: 11dad0b9986ed9f8da5b8021bf1fdcef7aeba159
SHA256: fddde87baeb78e0cbd56e87bf6e27052c13a42b5c808331b39157a605851164e
SHA512: 7801cfdf9786d14c5386c900e42b8228c8242be13e5f6d3e8fd8b4c93f6796faec7caf0f93077ecc5933e912113ea6dfb735160b0289e34073a7f0a337ff66f1
Static task: static1
Behavioral task: behavioral1
Sample: stub.bin.exe
Resource: win7-en-20210920
Malware Config
Targets

Target: stub.bin
Size: 561KB
MD5: 68260e77a8d3f9f51e06d351f9ec4a9a
SHA1: 11dad0b9986ed9f8da5b8021bf1fdcef7aeba159
SHA256: fddde87baeb78e0cbd56e87bf6e27052c13a42b5c808331b39157a605851164e
SHA512: 7801cfdf9786d14c5386c900e42b8228c8242be13e5f6d3e8fd8b4c93f6796faec7caf0f93077ecc5933e912113ea6dfb735160b0289e34073a7f0a337ff66f1
Score: 10/10
StormKitty Payload
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
Loads dropped DLL
Drops desktop.ini file(s)
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.