General

  • Target

    1aa7b910d99ef87d29be0bc96c4cf3a2823fea04fafd2a4b736c1156d73b2bb0.exe

  • Size

    1.4MB

  • Sample

    221123-ngtjdsgg96

  • MD5

    80467b17d18000d6fab38846004e81ea

  • SHA1

    1ffbeeeb77a563e7068cbd85c5d2ee2423e01017

  • SHA256

    1aa7b910d99ef87d29be0bc96c4cf3a2823fea04fafd2a4b736c1156d73b2bb0

  • SHA512

    8ca8ddd7609afa50c15927aec910e9a077ffc89aa213d4f3a0bd4c2be7d7e5f4374a06cb58f0f726715e867376f08fbbea16c32ea1286e4b832b496b6d7a42e9

  • SSDEEP

    24576:CofiMngrdePNzQ0ZIxNXaV9x4IUgs36BUI2So5+jnzFYCaGApu8:7TgReFs0ZM0T+Sk6BU7HIFY7G98

Targets

    • StormKitty

      StormKitty is an open source info stealer written in C#.

    • StormKitty payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile contents.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
