blustealer | 3cc67ef9b1c9978bc823e77db86d092e9f1df3062c4d98fc668920b7d7534122 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

3cc67ef9b1c9978bc823e77db86d092e9f1df3062c4d98fc668920b7d7534122
Size

132KB
Sample

220913-whwddagbh9
MD5

986d46bd59fa8f0ec96a206312be5b01
SHA1

96b65230f6594524c3de2ebb717b1149e51625af
SHA256

3cc67ef9b1c9978bc823e77db86d092e9f1df3062c4d98fc668920b7d7534122
SHA512

c8c7bafeed2193f508806a49faf5ff30ce98dccdb04dc6861e61346bb5869478e529c7fe9c5025efbba2c762cba25375d874972a5020a4a6a18441f8a8d34743
SSDEEP

1536:iks/Zws3kTnvzbhNBPmxue2SRQg0dkEwiqoViocI6VPTHBQTvpOr:iTZTkLfhjFSiO3oyI6f2s

Score

10^/10

blustealer stormkitty collection stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3cc67ef9b1c9978bc823e77db86d092e9f1df3062c4d98fc668920b7d7534122.exe

Resource

win10v2004-20220812-en

stormkitty collection stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5373590229:AAH5_bJ0JuiFbSG6WQwntRz245ybC0mPNk0/sendMessage?chat_id=2005009509

Targets

- Target
  
  3cc67ef9b1c9978bc823e77db86d092e9f1df3062c4d98fc668920b7d7534122
- Size
  
  132KB
- MD5
  
  986d46bd59fa8f0ec96a206312be5b01
- SHA1
  
  96b65230f6594524c3de2ebb717b1149e51625af
- SHA256
  
  3cc67ef9b1c9978bc823e77db86d092e9f1df3062c4d98fc668920b7d7534122
- SHA512
  
  c8c7bafeed2193f508806a49faf5ff30ce98dccdb04dc6861e61346bb5869478e529c7fe9c5025efbba2c762cba25375d874972a5020a4a6a18441f8a8d34743
- SSDEEP
  
  1536:iks/Zws3kTnvzbhNBPmxue2SRQg0dkEwiqoViocI6VPTHBQTvpOr:iTZTkLfhjFSiO3oyI6f2s
Score

10^/10

stormkitty collection stealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stormkittycollectionstealer

© 2018-2025

Terms | Privacy