stormkitty | Eulen crack[.]exe | Triage

Sharing

General

Target

Eulen crack.exe
Size

1.3MB
MD5

faaf569803539174ef02b5b53e0388e2
SHA1

ed13d220b1b822ad8032e69983a4197e5d72473f
SHA256

683ea882def71b5bdc826c866e57825076d032c06b74702d500d62e756c3235f
SHA512

a60aecffe4813415feaac01d4494cb71f6f2ff297661da426eca95bbeff26e1c40080ef4a7637086393a2f1a66cc18a263e0313834fe88d81827c48c0cfaa251
SSDEEP

24576:AEiMngrdePNzQ0ZIxNXaV9x4IUgs36BUI2So5+jnzFoCaGApu8F:3gReFs0ZM0T+Sk6BU7HIFo7G98F

Score

10^/10

stormkitty

Malware Config

Signatures

StormKitty payload 1 IoCs

Processes:

resource yara_rule

sample family_stormkitty
Stormkitty family
stormkitty

Files

Eulen crack.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ