General
Target: file.exe
Size: 143KB
Sample: 230508-j5ja4sbd7s
MD5: a28038e031eeff1996f7b0040ba40487
SHA1: fe80c042e5b20cd00f90cdcab9ff4479a49bcd5c
SHA256: e1c703f3c6da6029076e959d500aed7d9f104d258d22381eafc8fd8b9ebdae00
SHA512: 5834ed9b5d66522b82885482cf45e58d4c2c44b2b42bdc12a4af141e8f5a54024f4cb723c0c1e94978d5031d64872937d5c88a01f9d371d9f8a9c67f6ed78908
SSDEEP: 3072:G3YO5kKdXRRurjsL/Tuny9b34GZIKRWpgH3pf2z:qYOV+sTTgy9boLZ
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: file.exe
Score: 10/10
StormKitty payload
Async RAT payload
Drops desktop.ini file(s)
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.