General
-
Target
9e7bf4b2bd7f30ea9d9dca6bc80d28c5b43202df1477a4d46f695e096dce17ba
-
Size
1.5MB
-
Sample
240816-sbmk4svbrm
-
MD5
ff83471ce09ebbe0da07d3001644b23c
-
SHA1
672aa37f23b421e4afba46218735425f7acc29c2
-
SHA256
9e7bf4b2bd7f30ea9d9dca6bc80d28c5b43202df1477a4d46f695e096dce17ba
-
SHA512
179c724558065de4b7ea11dd75588df51a3fce737db3ebc77c8fdc0b3a432f6f1fdcc5acd2e2706ab0f088c35a3310c9e638de92ce0a644322eae46729aea259
-
SSDEEP
24576:nK7tMGUfQtpOdk3xWBq0qWH6JubmMTzfZwLDC4pZylqUAc2:JQ7AkiqQaJjMHWvlpOqUt2
Static task
static1
Behavioral task
behavioral1
Sample
9e7bf4b2bd7f30ea9d9dca6bc80d28c5b43202df1477a4d46f695e096dce17ba.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral2
Sample
9e7bf4b2bd7f30ea9d9dca6bc80d28c5b43202df1477a4d46f695e096dce17ba.exe
Resource
win11-20240802-en
Malware Config
Targets
-
-
Target
9e7bf4b2bd7f30ea9d9dca6bc80d28c5b43202df1477a4d46f695e096dce17ba
-
Score
10/10
-
StormKitty payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Enumerates processes with tasklist
-