stormkitty | 51f2c3e1fd7d5a9a2d9c736c26a85c1870dbefea4254a3697d79aa095cb157f5 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm V5.zip

windows10-2004-x64

7

Sharing

General

Target

XWorm V5.zip
Size

31.4MB
Sample

240918-d2tpsazhpf
MD5

3415a93b795c772d202d64ed389666ae
SHA1

b5aa030783f74e71dfbf8f16598283e73b688d0a
SHA256

51f2c3e1fd7d5a9a2d9c736c26a85c1870dbefea4254a3697d79aa095cb157f5
SHA512

e67e51ac983b2150010a40dac02a5e2f0f1d7a23502552a2e12538478800b1f4c0ebbed3539c15f32137701d12e189827aa9e1e6c0edd7327dc8102299eaf0f1
SSDEEP

786432:dEDpbLRYIhPp1zfGXUFmq+wjZywUUq/IkCregzvXWIaPQwv9U+Tn:d+pbLRFZfjuUgq+wjbIIkeeg7XRO9U8n

Score

10^/10

stormkitty agilenet

Static task

static1

agilenet stormkitty

5 signatures

Behavioral task

behavioral1

Sample

XWorm V5.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

600 seconds

Malware Config

Targets

- Target
  
  XWorm V5.zip
- Size
  
  31.4MB
- MD5
  
  3415a93b795c772d202d64ed389666ae
- SHA1
  
  b5aa030783f74e71dfbf8f16598283e73b688d0a
- SHA256
  
  51f2c3e1fd7d5a9a2d9c736c26a85c1870dbefea4254a3697d79aa095cb157f5
- SHA512
  
  e67e51ac983b2150010a40dac02a5e2f0f1d7a23502552a2e12538478800b1f4c0ebbed3539c15f32137701d12e189827aa9e1e6c0edd7327dc8102299eaf0f1
- SSDEEP
  
  786432:dEDpbLRYIhPp1zfGXUFmq+wjZywUUq/IkCregzvXWIaPQwv9U+Tn:d+pbLRFZfjuUgq+wjbIIkeeg7XRO9U8n
Score

7^/10

agilenet
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

agilenetstormkitty

behavioral1

© 2018-2024

Terms | Privacy