General
-
Target
CryptoFactory.exe
-
Size
6.0MB
-
MD5
527e4ae4c9a4f056e8a4ca219c5089e6
-
SHA1
dfc855147f098b2db6857c0e3305b8850c61671f
-
SHA256
06a8dff1d1fba038b6d551d502eca4ff79a471a7f3c46ea4cfc88bce5ba86b62
-
SHA512
7d17209527e6cb292e8f74197a2c44de8b72307432b3477dee88edb48b2bf2c4c7647edef3dcd68f2e935601c9046f0225a254a2d572af34ef712f3387d5e7c1
-
SSDEEP
98304:aGOYln80EisK9yJND14r0Uhmkl1qa1Egu2Wh/X9Tm0OXcPwQESF/IKc6jF:aFqnPEZZzeJmkl1qHd2i/9TjElH8QKcK
Score
10/10
Malware Config
Signatures
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
CryptoFactory.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections