stormkitty | 761fe3bfd29723d4a7b71f22c1191dc6_JaffaCakes118 | Triage

Sharing

General

Target

761fe3bfd29723d4a7b71f22c1191dc6_JaffaCakes118
Size

113KB
MD5

761fe3bfd29723d4a7b71f22c1191dc6
SHA1

dd3cf53d6054f31f9247137893acf9979ac8c9c2
SHA256

229cbfd1358e41fe196d8ebb933d47df59ca25f95b3a063340b1e651adb250d6
SHA512

47d74ad81589af992e846cfa82e9e56985554e7639a15896bdfd1d274d9025d913d97a6fae1a590b42ad7214aec3bf87efe1465517ce7fc968fb674128b0fb2d
SSDEEP

1536:eb3j2BCVNWiJxDQHqSaiD02g9usGA9bAFV2zoEXiLDU6pdjul+5:03j2BCV9LSTIvusN9bAeiLDU6pdWi

Score

10^/10

stormkitty

Malware Config

Signatures

StormKitty payload 1 IoCs

resource	yara_rule
sample	family_stormkitty

Stormkitty family
stormkitty

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
761fe3bfd29723d4a7b71f22c1191dc6_JaffaCakes118

Files

761fe3bfd29723d4a7b71f22c1191dc6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Вовочка\Desktop\StormKitty-master\StormKitty\stub\Neko\obj\Release\StormKitty.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ