stormkitty | 88b8441562f66e629334bde8b40132c2_JaffaCakes118 | Triage

Sharing

General

Target

88b8441562f66e629334bde8b40132c2_JaffaCakes118
Size

510KB
MD5

88b8441562f66e629334bde8b40132c2
SHA1

e7eb07017b798bf17ac05f82c3f58957f0a66d1b
SHA256

71a1b762cc640d1719150451591ba3db1f78d23d12998feaec3c87606059d144
SHA512

cfa4f397fcea68fa0a8a165148b84ede970b989f4b0e67813c3f00d8c6d0e28a9ae25eff0ec7b25bbb504f6f4f8a2b0aee4c4dab3b1b5613b909a5c2c5825a81
SSDEEP

6144:JknKx/nscytzoyWL9+vZTh6YI0t8CrbmsG5lDv62NvTXhCCCZPnMdVUGO74lubmO:Jk6s4552ZTh6ctSDBpjhbSPnwyGOgBY

Score

10^/10

stormkitty

Malware Config

Signatures

StormKitty payload 1 IoCs

resource	yara_rule
sample	family_stormkitty

Stormkitty family
stormkitty

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88b8441562f66e629334bde8b40132c2_JaffaCakes118

Files

88b8441562f66e629334bde8b40132c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

G-XH|
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ