stormkitty | Release[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

Release.rar
Size

91.2MB
MD5

1a013acdfa60741ac44386b0bcaded3f
SHA1

da9b948a64315f7730cc2fca5248e1f982a48132
SHA256

0295ff6ecf568fb2e5daa5c22d9c9688899924bd3b83c269c313156c688cfd34
SHA512

5c3b03026dc5b65c2dd8d2113faa47c4d07eaa0e129c95428e3350292c145a70a7bc7516c7d974bd8f6029d6abb24726b7dcfd00b3473742e9a570d582b7b54d
SSDEEP

1572864:egtYVjFsVc1FHDAiqrl+xHm5/ZAcYQgWb9Tgv755TrPWp7hv9aJt/3:ecYRkczCTRFY0MD6RiJt/

Score

10^/10

stormkitty

Malware Config

Signatures

StormKitty payload 1 IoCs

resource	yara_rule
static1/unpack001/Release/Stub/DestinyClient.exe	family_stormkitty

Stormkitty family
stormkitty

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Release/Destiny Stealer.exe
unpack001/Release/Stub/DestinyClient.exe

Files

Release.rar
.rar
Release/Destiny Stealer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\aarbe\source\repos\Destiny Stealer\Destiny Stealer\obj\Release\Destiny Stealer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92.1MB - Virtual size: 92.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/Destiny Stealer.exe.config
Release/Destiny Stealer.pdb
Release/Stub/DestinyClient.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 92.1MB - Virtual size: 92.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 558KB - Virtual size: 558KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 92.1MB - Virtual size: 92.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 558KB - Virtual size: 558KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B