General
-
Target
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
Size
1.3MB
-
Sample
230111-ns4thafg81
-
MD5
95b5bb6f4228a018dc96362f0244ae75
-
SHA1
ad4310ac6bc959736fc29e1c9d86b8960d445a77
-
SHA256
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
SHA512
31b0a12e3a81a6958a4ecab712998754960103549c155e756f68e1b85fffabf5ff484de389984cc9ab98cb85e598154d0cbc6831733314d761d6b3f686ebefd0
-
SSDEEP
24576:pmiMngrdePNzQ0ZIxNXaV9x4IUgs36BUI2So5+jnzFYCaGApu8g:wgReFs0ZM0T+Sk6BU7HIFY7G98g
Behavioral task
behavioral1
Sample
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
Size
1.3MB
-
MD5
95b5bb6f4228a018dc96362f0244ae75
-
SHA1
ad4310ac6bc959736fc29e1c9d86b8960d445a77
-
SHA256
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
SHA512
31b0a12e3a81a6958a4ecab712998754960103549c155e756f68e1b85fffabf5ff484de389984cc9ab98cb85e598154d0cbc6831733314d761d6b3f686ebefd0
-
SSDEEP
24576:pmiMngrdePNzQ0ZIxNXaV9x4IUgs36BUI2So5+jnzFYCaGApu8g:wgReFs0ZM0T+Sk6BU7HIFY7G98g
Score10/10-
StormKitty payload
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-