Overview

overview

10

Static

static

10

8885a16529...0N.exe

windows7-x64

10

8885a16529...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8885a16529c6832e1cd77b155de7bc60N.exe

  • Size

    7.2MB

  • MD5

    8885a16529c6832e1cd77b155de7bc60

  • SHA1

    07491563ffc5bc40f3e0b9748669ba8ba3cd77e3

  • SHA256

    4d86f85044737f0ffd39482330ab0175e4f8b29017370326f1fe9abe03815ecc

  • SHA512

    95ed36eb1079098972281a91aaf19bff0b14696d532dc5d5049dc59488122a85d9c2fc78b02fc1aa3cf09e1d0f4ab9c6bbb07a68b24c41b30d323bf7cbbd847c

  • SSDEEP

    3072:Oe8oX8Sb5KcXrtkkXmf/bDsvqtU+lLToChAP0UZ0b2gT8GwAqE+Wpo7:/Xtb5KcXr7XmfgqtjhAxZ0b2FO

Score
10/10
defaultstormkittyasyncrat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

https://api.telegram.org/bot7098574639:AAFPe7yc2myaqYLQpGxfhbTUYr2bZbUddD0/sendMessage?chat_id=921280047
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Asyncrat family
    asyncrat
  • StormKitty payload 1 IoCs
  • Stormkitty family
    stormkitty
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 8885a16529c6832e1cd77b155de7bc60N.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections