stormkitty | 46e1081372a9209e9bb11225ecfdcd3d3824a51a568c03763e2c689c4ef3928f | Triage

Sharing

General

Target

DiscordMulty.rar
Size

3.7MB
Sample

240802-wflfdsydjb
MD5

981187d8addde5cbf8186db39a5eb885
SHA1

18acf273a86e61b17c6df24ad988182e80541c6a
SHA256

46e1081372a9209e9bb11225ecfdcd3d3824a51a568c03763e2c689c4ef3928f
SHA512

32606af10a762a7bbb2bbd08def5808dc3817abca24eaee8348cab28c14afd1413339a9ec2adbea75cd242de3d3ae49e3e2cb02ceb782d745013614dbd1ef3ce
SSDEEP

49152:Er8nNFEfeAMLxtndQpcR0EyB4afsHnckkTeql5c4rdFLacfgiL0WaLKYmpldw7:/kOVtgcROFU8k0N59rdMVvWKxSdw7

Score

10^/10

stormkitty discovery stealer

Malware Config

Targets

- Target
  
  DiscordMulty.rar
- Size
  
  3.7MB
- MD5
  
  981187d8addde5cbf8186db39a5eb885
- SHA1
  
  18acf273a86e61b17c6df24ad988182e80541c6a
- SHA256
  
  46e1081372a9209e9bb11225ecfdcd3d3824a51a568c03763e2c689c4ef3928f
- SHA512
  
  32606af10a762a7bbb2bbd08def5808dc3817abca24eaee8348cab28c14afd1413339a9ec2adbea75cd242de3d3ae49e3e2cb02ceb782d745013614dbd1ef3ce
- SSDEEP
  
  49152:Er8nNFEfeAMLxtndQpcR0EyB4afsHnckkTeql5c4rdFLacfgiL0WaLKYmpldw7:/kOVtgcROFU8k0N59rdMVvWKxSdw7
Score

3^/10
behavioral1 behavioral2
- Target
  
  DiscordMulty/DRouter.exe
- Size
  
  1.9MB
- MD5
  
  4d978f4a830f374b5867f1ae53b08ffc
- SHA1
  
  827b301d630a037a6559acc3b63612fded885767
- SHA256
  
  a881c67a5ad97fed46616a1c219a4c70fffcbe3ec1f0c900747e2ba75131b143
- SHA512
  
  f9339c421b5a8ee85358d0a4384ef3d203cb68572152f02c9610c4c371091d5c5caed5fde3a3c379ef3feaa2c86cc123e09596fb8862816ea60ae2d78d6a6091
- SSDEEP
  
  3072:gq6+ouCpk2mpcWJ0r+QNTBfqcm2GvaDE:gldk1cWQRNTBS
Score

10^/10

stormkitty discovery stealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

stormkittydiscoverystealer

behavioral4

stormkittydiscoverystealer