General
-
Target
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
Size
1.3MB
-
Sample
230111-ns4thafg81
-
MD5
95b5bb6f4228a018dc96362f0244ae75
-
SHA1
ad4310ac6bc959736fc29e1c9d86b8960d445a77
-
SHA256
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
SHA512
31b0a12e3a81a6958a4ecab712998754960103549c155e756f68e1b85fffabf5ff484de389984cc9ab98cb85e598154d0cbc6831733314d761d6b3f686ebefd0
-
SSDEEP
24576:pmiMngrdePNzQ0ZIxNXaV9x4IUgs36BUI2So5+jnzFYCaGApu8g:wgReFs0ZM0T+Sk6BU7HIFY7G98g
Malware Config
Targets
-
-
Target
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
Size
1.3MB
-
MD5
95b5bb6f4228a018dc96362f0244ae75
-
SHA1
ad4310ac6bc959736fc29e1c9d86b8960d445a77
-
SHA256
6464c1cff2a1e7e5d29eac0b56366544d312b9cf7338dd6ab534d3b67a588f68
-
SHA512
31b0a12e3a81a6958a4ecab712998754960103549c155e756f68e1b85fffabf5ff484de389984cc9ab98cb85e598154d0cbc6831733314d761d6b3f686ebefd0
-
SSDEEP
24576:pmiMngrdePNzQ0ZIxNXaV9x4IUgs36BUI2So5+jnzFYCaGApu8g:wgReFs0ZM0T+Sk6BU7HIFY7G98g
Score10/10-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-