General
Target: prefix-decodinG-validator (evaluaton copy).exe
Size: 703KB
MD5: 184f67d371271c1c22070de0b9562d37
SHA1: f8620176e15b912b92f57f86c19568a5b11a83e1
SHA256: 78106b741efe22d2b1a0325d62716a16ed6c7e417a4cc7e9a272c19497ed29bb
SHA512: 059b0e3ce389e8de944a75bc765bde7e7f90f10d4f0f7f9f5a53e05aed1590d15fa09411473b6380828431e7c75be9237c7430b7594a8c4dcfd41110aabd32e6
SSDEEP: 12288:2K8zXPDoxlLbtpM2qYwDRDqmL9CnPXCNQyD+4gC/1bKzasesIujKQBmaO:2bzXPMBpM2qjDRD79i/CtgC+TI6BRO
Malware Config
Signatures
StormKitty payload (1 IoCs)
resource, yara_rule, sample, family_stormkitty
Stormkitty family
Files
prefix-decodinG-validator (evaluaton copy).exe.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 278KB - Virtual size: 277KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 424KB - Virtual size: 424KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ