stormkitty | 987af5ed785a0c412b8c4f829df902e82e62e21917aa7abdcc0d825b4a463c67 | Triage

Sharing

General

Target

XWorm-5.6.rar
Size

21.5MB
Sample

250120-2g3nysspgk
MD5

4f57637d0aa8ed0d3055802c3a90a58d
SHA1

c8b298c0edea336ee4710a3c1da5cc7bce7467cf
SHA256

987af5ed785a0c412b8c4f829df902e82e62e21917aa7abdcc0d825b4a463c67
SHA512

5d7fae098076531f1af3447d03cfc1909cdc00cd3757132bee7d8ccb1b84d1e57d1c11066afa70c2d102fbcc5233a7e43c2ff017dc67a2cf7591a923032d54f7
SSDEEP

393216:D+N2F6y80fxdY24Xhf7QUECurlXcphU4SwUKidjxOfvP5AXyaLe39neZ:D+Nj6x+TlEUEhIXSwUbdF6pEyJ3UZ

Score

10^/10

stormkitty xworm discovery

Malware Config

Targets

- Target
  
  Fixer.bat
- Size
  
  122B
- MD5
  
  2dabc46ce85aaff29f22cd74ec074f86
- SHA1
  
  208ae3e48d67b94cc8be7bbfd9341d373fa8a730
- SHA256
  
  a11703fd47d16020fa099a95bb4e46247d32cf8821dc1826e77a971cdd3c4c55
- SHA512
  
  6a50b525bc5d8eb008b1b0d704f9942f72f1413e65751e3de83d2e16ef3cf02ef171b9da3fff0d2d92a81daac7f61b379fcf7a393f46e914435f6261965a53b3
Score

5^/10
- Drops file in System32 directory
behavioral1
- Target
  
  XWorm V5.6.exe.config
- Size
  
  183B
- MD5
  
  66f09a3993dcae94acfe39d45b553f58
- SHA1
  
  9d09f8e22d464f7021d7f713269b8169aed98682
- SHA256
  
  7ea08548c23bd7fd7c75ca720ac5a0e8ca94cb51d06cd45ebf5f412e4bbdd7d7
- SHA512
  
  c8ea53ab187a720080bd8d879704e035f7e632afe1ee93e7637fad6bb7e40d33a5fe7e5c3d69134209487d225e72d8d944a43a28dc32922e946023e89abc93ed
Score

3^/10

discovery
behavioral2
- Target
  
  Xworm V5.6.exe
- Size
  
  14.9MB
- MD5
  
  56ccb739926a725e78a7acf9af52c4bb
- SHA1
  
  5b01b90137871c3c8f0d04f510c4d56b23932cbc
- SHA256
  
  90f58865f265722ab007abb25074b3fc4916e927402552c6be17ef9afac96405
- SHA512
  
  2fee662bc4a1a36ce7328b23f991fa4a383b628839e403d6eb6a9533084b17699a6c939509867a86e803aafef2f9def98fa9305b576dad754aa7f599920c19a1
- SSDEEP
  
  196608:P4/BAe1d4ihvy85JhhYc3BSL1kehn4inje:PuyIhhkRka4i
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stormkittyxworm

behavioral1

behavioral2

behavioral3