General

  • Target

    CraxsRat V5.2.rar

  • Size

    217.0MB

  • Sample

    230803-2n211agd59

  • MD5

    115dbdb33c135c464c8754b159b8dfd4

  • SHA1

    c16acae430e729c1c6bffd08c03b1428aeed2eb1

  • SHA256

    d6c54e69692df634344c8c5fef1f2369f52ce8e6afe3f01ef17988f83343abfc

  • SHA512

    cf6e3029fda3b277047e78dea6524b97f699a0d6b8916fb529e56e661ac8655910446c6dcd28d8f2e575a2476319abe34c993ca7002f8d99c437259ba8e502d1

  • SSDEEP

    6291456:qdNSEUUh8Rp+A4kKozqYu10sdw8D6oxahlf:qd8AiZM0sdF6Lf

Targets

    • Target

      CraxsRat V5.2/CraxsRat_V5.2.exe

    • Size

      65.5MB

    • MD5

      e762e4dbb6abc3bc09e3d44591a4393c

    • SHA1

      a638dfafeb71f0d7002b0ec8c6908de8adb07c07

    • SHA256

      53ff4cc475f613f963f9e2f0bb8c34b4a0a1301096ac62668dad12b43222aaeb

    • SHA512

      bd3b2974acc24012169ebce2b0778eb65d040f84f53b159ad8fc60b99a85f0b9746eceb362439c96c069d62a4d60edfc1e248257752c6c83dd95b9c921d72bcf

    • SSDEEP

      1572864:ZFP7eOwbeQc2/sDxB8i/W/n0zKvSDuv5ypo0jK6QA7:Zx73wrc2ktB8ief8ISC2oEK67

    Score
    10/10
    • StormKitty

      StormKitty is an open-source info stealer written in C#.

    • StormKitty payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
