blustealer | fafa8057f024c7a3c30e48b63d05d712e7de1f2f38f592a03cabbe8917942a89 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

fafa8057f024c7a3c30e48b63d05d712e7de1f2f38f592a03cabbe8917942a89
Size

132KB
Sample

220809-t8bqjsdbbl
MD5

f7e5a5c100fcf5a248dfe0424bc5bbdc
SHA1

05fab29b3f901ea56ebc0d5e240aa747aa44ee4f
SHA256

fafa8057f024c7a3c30e48b63d05d712e7de1f2f38f592a03cabbe8917942a89
SHA512

048b661425a63033980b1253bd0e8e24de0eb6ea230e24c46eec965371cd74f7ebd27ae004f6ee006abb48879fa3258ff6d4d049380ea8da57cda5953fb91bf2

Score

10^/10

blustealer stormkitty collection stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fafa8057f024c7a3c30e48b63d05d712e7de1f2f38f592a03cabbe8917942a89.exe

Resource

win10-20220722-en

stormkitty collection stealer

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  fafa8057f024c7a3c30e48b63d05d712e7de1f2f38f592a03cabbe8917942a89
- Size
  
  132KB
- MD5
  
  f7e5a5c100fcf5a248dfe0424bc5bbdc
- SHA1
  
  05fab29b3f901ea56ebc0d5e240aa747aa44ee4f
- SHA256
  
  fafa8057f024c7a3c30e48b63d05d712e7de1f2f38f592a03cabbe8917942a89
- SHA512
  
  048b661425a63033980b1253bd0e8e24de0eb6ea230e24c46eec965371cd74f7ebd27ae004f6ee006abb48879fa3258ff6d4d049380ea8da57cda5953fb91bf2
Score

10^/10

stormkitty collection stealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stormkittycollectionstealer

© 2018-2025

Terms | Privacy