General
-
Target
1.exe
-
Size
320KB
-
Sample
240924-veg6xaxdrh
-
MD5
db2bbb44f30afac31f911fe16b9db58c
-
SHA1
e4f9728b0f771e61813132dfd10b245b2f0dc94c
-
SHA256
8d41693aaa810b87d9523a64abac0a0c21db7b9542fbf7fda917a99e4464f89f
-
SHA512
acc12ca3f600e9105762114fa9224bccf4cdb1cfe02e364e3fdfbfe57aafcaa37b82af1e1929b47d9bf1db60cd7c239fbbfb4fea8fb2945b70d51edca8490f85
-
SSDEEP
6144:/3/Q1Q5Ng68j/svuP8wSFUygWK0tWrcBOvn:/3/Q6P8j/svugtZB
Behavioral task
behavioral1
Sample
1.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1.exe
-
Size
320KB
-
MD5
db2bbb44f30afac31f911fe16b9db58c
-
SHA1
e4f9728b0f771e61813132dfd10b245b2f0dc94c
-
SHA256
8d41693aaa810b87d9523a64abac0a0c21db7b9542fbf7fda917a99e4464f89f
-
SHA512
acc12ca3f600e9105762114fa9224bccf4cdb1cfe02e364e3fdfbfe57aafcaa37b82af1e1929b47d9bf1db60cd7c239fbbfb4fea8fb2945b70d51edca8490f85
-
SSDEEP
6144:/3/Q1Q5Ng68j/svuP8wSFUygWK0tWrcBOvn:/3/Q6P8j/svugtZB
Score10/10-
StormKitty payload
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
2Credentials In Files
2