General

  • Target

    r163uG0XxKTfeq3Bw5HAFeXZXk-KaaerIjWC8H8AAtE.bin

  • Size

    121KB

  • Sample

    230823-xqq93agd6w

  • MD5

    7e27d4a685f428efc340e7a80e978a5d

  • SHA1

    e10ddd22bbff1ed0ace9d07a4a543f1350c3d66e

  • SHA256

    af5eb7b86d17c4a4df7aadc1c391c015e5d95e4fca69a7ab223582f07f0002d1

  • SHA512

    b8acc174c239dfba5335cc5bfdd129dc59084a3a0d76a27c724e440453fc2b5d0e09c97f5c180f011132ffded9aba44b75c5c94c0573c72dd412559e1c911a19

  • SSDEEP

    1536:nX/vUgPZC1U23x3BcoEQ7TXyU88Im7c/XusGA9bAI1ozoEXiLDU6pUbMUik:nPvUlK23B7G4K/XusN9b9IiLDU6pUbz

Malware Config

Targets

    • StormKitty

      StormKitty is an open source info stealer written in C#.

    • StormKitty payload

    • Downloads MZ/PE file

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile data.

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks