Overview

overview

10

Static

static

10

Release/St...nt.exe

windows7-x64

10

Release/St...nt.exe

windows10-2004-x64

10

Release/Ze...er.exe

windows7-x64

3

Release/Ze...er.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Release.1.0.0.0.rar

  • Size

    94.7MB

  • Sample

    250131-tw47bs1jf1

  • MD5

    0c9ebdde5ac5e142215b81390047c296

  • SHA1

    f1be19ce25980f4264344e891a4f1a57cef81921

  • SHA256

    e512d3ee9d337b0a6bf6bc0c1a7cdc380038c055e7c3721dbf58b39c1ab45e74

  • SHA512

    bc2e7a976830214f429208834d055995a27770700056268f0d2ea7290926ebc888a102f6af852a7a46065f00823307d56731bccce19d461a2a87ea4fc33b9015

  • SSDEEP

    1572864:t2iN2mekubBybhTsegQ4swCLcLrf0sNHyEo2gl6+PI/voYvOe3v194rHQASwn+Fx:5ekOBytQljNSjFlfInoYGe3rQHQdii5z

Score
10/10
stormkittycollectiondiscoverypersistenceprivilege_escalationspywarestealer

Malware Config

Targets

    • Target

      Release/Stub/DestinyClient.exe

    • Size

      124KB

    • MD5

      18a330c0c46815c227282a7904934490

    • SHA1

      f3cfb765a2dabbf2b8387c345116de9d6fa32583

    • SHA256

      037cbf74f9c74780a84978646ae71eb7cf1c1324b7dff7828a92383d17896f4a

    • SHA512

      b27e92d34126c3007875c80d05287a153c15fca763a93ac133a1fe3d280b7da9a66a055770205233c60a857c9d867bdb4b5214bebdf85d6ca9c507aa14ae7692

    • SSDEEP

      3072:2k80D8yw5Ib5p3UuIns87TFbi9kN7xU53+X2KrVl:2kuI/Ehs0bwi

    Score
    10/10
    stormkittydiscoverystealercollectionpersistenceprivilege_escalationspyware

    • StormKitty

      StormKitty is an open source info stealer written in C#.

      stealerstormkitty

    • StormKitty payload

    • Stormkitty family

      stormkitty

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

    • Target

      Release/ZeroTrace Stealer.exe

    • Size

      92.1MB

    • MD5

      3663dac498a652e088a574306a9e650b

    • SHA1

      a0c1e6ca04379a352b1ada75122685f37cadd6f5

    • SHA256

      8fed2734ddc22f9076022f32dcfa5f82aeddb392072d0ecaf1d800543d36f3fd

    • SHA512

      b31aba8110ccfb2d6cbdfc63be4883e5a2bb1967431b090c9a8da52ac6ef457bd8c22721846566faebb3d590e0c9382bdb3cec136d1cdd6b0017c428112f3b0f

    • SSDEEP

      1572864:SgihGf71kr5fuvnZ9q2l+zPDPi6YMaNyQrbNJX0UyFMEO2NkNXFhxwCwM:SgihGBkr5fuvnZ9q2l+z7Pi/MP0f2ZOS

    Score
    3/10
    discovery
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks