Overview

overview

10

Static

static

b452fc7395...82.exe

windows7-x64

10

b452fc7395...82.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b452fc7395cc20a0044ff1697a4588b925d58fd8b0fd8aea1596f80e860bfe82

  • Size

    285KB

  • Sample

    230129-tezwaaec81

  • MD5

    6c1f437246623bf56541b7871468788f

  • SHA1

    8bfdfcc20897525de3f0b8b50992dbf26963771c

  • SHA256

    b452fc7395cc20a0044ff1697a4588b925d58fd8b0fd8aea1596f80e860bfe82

  • SHA512

    2543b4248c0d57c8cdc314638442ec5a280de26044b0a3652980867f302fdf9579e0a9bd38337aa004befc231dfb13780f2f13bdaa3fe0deebbb2be5008b83df

  • SSDEEP

    6144:/QarTYtulUh/iDV8clenjluFJAdUwTjPpr7TVg//1371N8P1uGlaN:/D0ulUhA8clOjluFJA+wTjJTVg/d371J

Score
10/10
stormkittycollectionspywarestealer

Malware Config

Targets

    • Target

      b452fc7395cc20a0044ff1697a4588b925d58fd8b0fd8aea1596f80e860bfe82

    • Size

      285KB

    • MD5

      6c1f437246623bf56541b7871468788f

    • SHA1

      8bfdfcc20897525de3f0b8b50992dbf26963771c

    • SHA256

      b452fc7395cc20a0044ff1697a4588b925d58fd8b0fd8aea1596f80e860bfe82

    • SHA512

      2543b4248c0d57c8cdc314638442ec5a280de26044b0a3652980867f302fdf9579e0a9bd38337aa004befc231dfb13780f2f13bdaa3fe0deebbb2be5008b83df

    • SSDEEP

      6144:/QarTYtulUh/iDV8clenjluFJAdUwTjPpr7TVg//1371N8P1uGlaN:/D0ulUhA8clOjluFJA+wTjJTVg/d371J

    Score
    10/10
    stormkittycollectionspywarestealer

    • StormKitty

      StormKitty is an open source info stealer written in C#.

      stealerstormkitty

    • StormKitty payload

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks