General
-
Target
173041a84f38f3bd419a6993ff06c7c3e53bb763058036d4b25a047e190a50dbexe_JC.exe
-
Size
460KB
-
Sample
230803-s4xa1sfb3z
-
MD5
c52d61f4527cea4f33072d9261c66e0d
-
SHA1
e04686e3c845fa8dbeea70d2da18585abf4525b4
-
SHA256
173041a84f38f3bd419a6993ff06c7c3e53bb763058036d4b25a047e190a50db
-
SHA512
752d600987c2bac6cd9fb93dc19050b92d504572b32c096f14036904b115b272699eaaab6a2423966bb70aa1c20a264192b76b7149c3bc8f28b77aef6567dbd1
-
SSDEEP
6144:czSo/d5hYVOJ0WTUcrVA+cSJdtyDvU1N/ZZ9wdI4e41R6/I02XCkQSxK8Y+xiSoI:wSpWIEigyY1N/ZZ741RB0FS
Behavioral task
behavioral1
Sample
173041a84f38f3bd419a6993ff06c7c3e53bb763058036d4b25a047e190a50dbexe_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
173041a84f38f3bd419a6993ff06c7c3e53bb763058036d4b25a047e190a50dbexe_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
173041a84f38f3bd419a6993ff06c7c3e53bb763058036d4b25a047e190a50dbexe_JC.exe
Score
10/10
-
StormKitty payload
-
Downloads MZ/PE file
-
Deletes itself
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-