stormkitty | Blitzed[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Blitzed.exe
Size

1.1MB
MD5

2ebfa7922f03d927393ea180d9599b7b
SHA1

03d7fecb8753deee1de9684a162a3c3e8e13860f
SHA256

ff00ae0db4e8a0fca34756da09e3ba9ec3b2acfaee75c26c77ffe73206653e5e
SHA512

5dff457012065550e9b1ae32622a4a2a47e81c8d6b1f5ae010c2c08a55d8b457c2f74d530dfb9b3132a4cc964894669047abd9853a6e82729ca3175a7d8e8ace
SSDEEP

24576:8y6NXaV9x4IUgs36BUI2So5+jnzFoCaGApu8b:8H0T+Sk6BU7HIFo7G98

Score

10^/10

stormkitty

Malware Config

Signatures

StormKitty payload 1 IoCs

resource	yara_rule
sample	family_stormkitty

Stormkitty family
stormkitty

Files

Blitzed.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ