General
-
Target
5b45d82c1bdeb0b5b91c84cd61c0359f95440e2a02ccc46258e76d4f4f679030exe_JC.exe
-
Size
309KB
-
Sample
230804-s1hcpaca66
-
MD5
7676d190a2a572a61972464293c7ba38
-
SHA1
9b5b992e855d4139d7b074149a68b05b04eca27c
-
SHA256
5b45d82c1bdeb0b5b91c84cd61c0359f95440e2a02ccc46258e76d4f4f679030
-
SHA512
4321be10b5da54380f5abd2f21e81f6d481f7cf0b09f55c92b24eecc6272ca59fbe47fedca806417efed37169c94ff80eb72fa3454a568f268fc81fa5ed6fd16
-
SSDEEP
6144:J1jCUYVklKf/STDbILwh4seUp3Op3kfgZzjXLOEDfvMs/clN:J1jH1lKf/STAUh1j+pS2fXiEDvXG
Behavioral task
behavioral1
Sample
5b45d82c1bdeb0b5b91c84cd61c0359f95440e2a02ccc46258e76d4f4f679030exe_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
5b45d82c1bdeb0b5b91c84cd61c0359f95440e2a02ccc46258e76d4f4f679030exe_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
5b45d82c1bdeb0b5b91c84cd61c0359f95440e2a02ccc46258e76d4f4f679030exe_JC.exe
-
Score
10/10
-
StormKitty payload
-
Downloads MZ/PE file
-
Deletes itself
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-