General

  • Target

    Stromkitty.By.otaku_codes.rar

  • Size

    6.1MB

  • Sample

    250129-e8gt8stqej

  • MD5

    3cb13bd98e9698289993b3a0c2d8fea5

  • SHA1

    0a3086f6d2f557c63433e972226bf54357b7d28f

  • SHA256

    ba23be58cb6c4d9aa8cff3e1ee24486ccabec2158dfab3812e42f919812da281

  • SHA512

    fca38d754fe22e5cf71364af49b861d37dbbcc3c9ad30a6aec556398ba5b90998e1831c96d5772903ae1e726e1322ec3a3b0ff9524217e0a0c46ec9e522576f1

  • SSDEEP

    196608:jGTMsa03LVN/iQjBPKypuA8dIQvwyjengYZj+Sr:qMfIDT9uXdI0enVZj+Sr

Targets

    • Target

      Stromkitty By otaku_codes/StormKittyBuild.exe

    • Size

      366KB

    • MD5

      1afedad3b668e4bd8faa5f2d7abda95b

    • SHA1

      99bca8ccac242858184191f64f5da874722442f8

    • SHA256

      3106f3defd63051dd4652582b58c1f030c102f5f6e49a10e3e008df6e7a27fc1

    • SHA512

      2b9eb2ed122e20e82148c2243d25376cb44008d91a2bda41922380955a532fe827503b527d39b3aa96d8a0cd85cfdc942c23203b87568d292313c203c499c0c0

    • SSDEEP

      6144:YxAcUJjuAxKzHlnoWINqzbv2Q9rUsbf4l35PKMxQpHUO6dUIY8u4eU:djuzBoD1Erf4lpi0O6yR8uK

    Score
    10/10
    • StormKitty

      StormKitty is an open source info stealer written in C#.

    • StormKitty payload

    • Stormkitty family

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
