General
Target: f9142ea94e536ab91fd1cbdd1729a8a59b39c1b5c86cd38017ceee8003770612
Size: 1.3MB
Sample: 230129-v3ka6sha2v
MD5: e5d213e0ffc154950cf7010c24a19b41
SHA1: f0e8645bd1f7a8e78eded22c2d007f5a3b0872ff
SHA256: f9142ea94e536ab91fd1cbdd1729a8a59b39c1b5c86cd38017ceee8003770612
SHA512: e107dee3ae10ec18b2c08337ec17b4ba12c2783ba995cf7c82ab9b9cadcbf097f19a0160edd24571abf4834962a6e31f3b6687e959baf9bcacd9c4dcad204225
SSDEEP: 24576:YobgY4gVG/9qziQ2ZljQia88k9dxBHjwT1JHXi3+ISufrov7myfCpfiODybcOUeL:Yobt4MG/9OiQaljQXjiBDaJHgdRzoDy/
Static task: static1
Behavioral task: behavioral1
  Sample: f9142ea94e536ab91fd1cbdd1729a8a59b39c1b5c86cd38017ceee8003770612.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: f9142ea94e536ab91fd1cbdd1729a8a59b39c1b5c86cd38017ceee8003770612.exe
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: f9142ea94e536ab91fd1cbdd1729a8a59b39c1b5c86cd38017ceee8003770612
Score: 10/10
- StormKitty payload
- Accesses Microsoft Outlook profiles
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtSetInformationThreadHideFromDebugger