General

  • Target

    StormSpoofer.rar

  • Size

    2.7MB

  • MD5

    937ac0d358a2fe8a75e582f88bb16903

  • SHA1

    363c4503b71977dd8b6a2e2e6d14a051cc86f544

  • SHA256

    b0a4e447d41c4e1fe3b1105125814d4210332c70c743bef134077b7000bf1701

  • SHA512

    8a022e2b140006b712fdd89ed75580cc31dd141b86f38cfc65661fde4f426bd45b2c4578e7a644346120ddf25865bff003c52ae5e8f167614a90ade212654565

  • SSDEEP

    49152:bazEbFcnk5DYxn1vZNI9GrdXWLoXKjprTkJPCz+uIoJ1ilMY4V5xS4TShoohWy+F:beEbG+YoErdGLoXMpvktaWlMYy+W33

Score
10/10

Signatures

  • StormKitty payload (1 IoC)
  • Stormkitty family
  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • StormSpoofer.rar
    .rar
  • StormSpoofer/HwidSpoof.dll
    .dll regsvr32 windows x64

    b3be293d83ecbf8a1bc53714c98ce3c2



  • StormSpoofer/ReadBeforeLaunch.txt
  • StormSpoofer/SpoofB10S.dll
    .dll windows x64

    6b875420091521dc7a8d93e7420291a3


    Code Sign


  • StormSpoofer/StormSpoof.dll
    .dll windows x64

    5bff85bb5100a39c4506cc0b90f00a02



  • StormSpoofer/StormSpoofer.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

