stormkitty | e4ce533707f9e1945dffa512023c4c9d4b9343a6e6218844bf8fac3e957b9260

Analysis

max time kernel
61s
max time network
63s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
31-03-2023 05:28

Target

Prynt Stealer 5.6fixed.exe
Size

378KB
MD5

914c3ed0bc1e3014e15b17d87a61f7c4
SHA1

9df55d26eb513d1916faab783c60f5b20cec8bc5
SHA256

9a9a42bc0f7b7636a202561359da1098d2f4c45f27e80fdd062050a369e69a51
SHA512

3ea3481377efe7b1873c7ab90719786aa2d9f82cdf75f243b27c6918280430bbee78833fba18dd5d69df3caf596c82faa481cad78aa64fdb7a6758b8b9161cde
SSDEEP

6144:qTWgV4CTshTKxoGEflVecSEuNYnMuBAnLzuyvwWoSF45AcTG8OnXKxQmqbAQ4jeI:qTWwshTKxoGEflsFEuNYB8z1wWo4sAIx

Score

10^/10

StormKitty
StormKitty is an open source info stealer written in C#.
stealer stormkitty

StormKitty payload 1 IoCs

Processes:

resource	yara_rule
behavioral15/memory/2148-133-0x0000000000B60000-0x0000000000BC6000-memory.dmp	family_stormkitty

Obfuscated with Agile.Net obfuscator 6 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

Processes:

resource	yara_rule
behavioral15/memory/2148-137-0x0000000005740000-0x0000000005760000-memory.dmp	agile_net
behavioral15/memory/2148-138-0x00000000057A0000-0x00000000057B4000-memory.dmp	agile_net
behavioral15/memory/2148-140-0x00000000057C0000-0x00000000057CE000-memory.dmp	agile_net
behavioral15/memory/2148-141-0x00000000061D0000-0x00000000061EE000-memory.dmp	agile_net
behavioral15/memory/2148-142-0x0000000006660000-0x00000000067A2000-memory.dmp	agile_net
behavioral15/memory/2148-145-0x0000000005820000-0x0000000005830000-memory.dmp	agile_net

C:\Users\Admin\AppData\Local\Temp\Prynt Stealer 5.6fixed.exe
"C:\Users\Admin\AppData\Local\Temp\Prynt Stealer 5.6fixed.exe"
1⤵
PID:2148

memory/2148-133-0x0000000000B60000-0x0000000000BC6000-memory.dmp

Filesize
408KB

Download
memory/2148-134-0x0000000005C00000-0x00000000061A4000-memory.dmp

Filesize
5.6MB

Download
memory/2148-135-0x0000000005550000-0x00000000055E2000-memory.dmp

Filesize
584KB

Download
memory/2148-136-0x0000000005600000-0x000000000560A000-memory.dmp

Filesize
40KB

Download
memory/2148-137-0x0000000005740000-0x0000000005760000-memory.dmp

Filesize
128KB

Download
memory/2148-138-0x00000000057A0000-0x00000000057B4000-memory.dmp

Filesize
80KB

Download
memory/2148-139-0x0000000006300000-0x000000000644E000-memory.dmp

Filesize
1.3MB

Download
memory/2148-140-0x00000000057C0000-0x00000000057CE000-memory.dmp

Filesize
56KB

Download
memory/2148-141-0x00000000061D0000-0x00000000061EE000-memory.dmp

Filesize
120KB

Download
memory/2148-142-0x0000000006660000-0x00000000067A2000-memory.dmp

Filesize
1.3MB

Download
memory/2148-143-0x0000000005820000-0x0000000005830000-memory.dmp

Filesize
64KB

Download
memory/2148-144-0x0000000005820000-0x0000000005830000-memory.dmp

Filesize
64KB

Download
memory/2148-145-0x0000000005820000-0x0000000005830000-memory.dmp

Filesize
64KB

Download
memory/2148-146-0x0000000005820000-0x0000000005830000-memory.dmp

Filesize
64KB

Download
memory/2148-147-0x0000000005820000-0x0000000005830000-memory.dmp

Filesize
64KB

Download
memory/2148-148-0x0000000005820000-0x0000000005830000-memory.dmp

Filesize
64KB

Download