stormkitty | e1aad6f75f7137d31bc3863c66ca49d1e730b63e5419b7aeef9ff2fbd178e9ca | Triage

Submit
Reports

Overview

overview

Static

static

XWorm V5.6.7z

windows7-x64

7

XWorm V5.6.7z

windows10-2004-x64

7

Sharing

General

Target

XWorm V5.6.7z
Size

20.3MB
Sample

241111-bjqjassmam
MD5

53c8043d0214e8406e0aca1febb87689
SHA1

30619cef6b50395f73ba561ec6a4746b4c215b6c
SHA256

e1aad6f75f7137d31bc3863c66ca49d1e730b63e5419b7aeef9ff2fbd178e9ca
SHA512

22224bc83cc97f6bba03f544152479964214363ed6d8c36637ad8325065069cd9bbbb64829d4b650a3342e8c34fbcc932c362697fdacb60eb8d0685641d489fc
SSDEEP

393216:7qKeYOG5obdpgrFXNDVE4cnsF/v3J3UaAi+RMmB1z7tKccsiKjv4zdw:7qVYORBpgbD+4aQ3NyAmHvAdw

Score

10^/10

stormkitty xworm

Static task

static1

stormkitty xworm

6 signatures

Behavioral task

behavioral1

Sample

XWorm V5.6.7z

Resource

win7-20240708-en

windows7-x64

7 signatures

1800 seconds

Behavioral task

behavioral2

Sample

XWorm V5.6.7z

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

1800 seconds

Malware Config

Targets

- Target
  
  XWorm V5.6.7z
- Size
  
  20.3MB
- MD5
  
  53c8043d0214e8406e0aca1febb87689
- SHA1
  
  30619cef6b50395f73ba561ec6a4746b4c215b6c
- SHA256
  
  e1aad6f75f7137d31bc3863c66ca49d1e730b63e5419b7aeef9ff2fbd178e9ca
- SHA512
  
  22224bc83cc97f6bba03f544152479964214363ed6d8c36637ad8325065069cd9bbbb64829d4b650a3342e8c34fbcc932c362697fdacb60eb8d0685641d489fc
- SSDEEP
  
  393216:7qKeYOG5obdpgrFXNDVE4cnsF/v3J3UaAi+RMmB1z7tKccsiKjv4zdw:7qVYORBpgbD+4aQ3NyAmHvAdw
Score

7^/10
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stormkittyxworm

behavioral1

behavioral2

© 2018-2024

Terms | Privacy