stormkitty

Resubmissions

18-02-2025 20:39

250218-zfgnzsyma1 10

Sharing

Copy URL

Twitter E-mail

General

Target

builder - Copy.zip
Size

327KB
Sample

250218-zfgnzsyma1
MD5

d12b5e91eb03e83dcf8f7678329ff85a
SHA1

8003bc7d482a838ef87667273d197e2c8ab77e78
SHA256

42c98e8a72be5aaa67a675393d8e6a8702017de6154307a6dc3950f8dee992ff
SHA512

6dbc6af500167e5056ef13c9462f80579e69f05b836491eaa853e1b0179859fe9d67b03d8ff180ad83f11c49a596937a3525044bcea7da7846a318fb66ba80da
SSDEEP

6144:whAypyfJYXIAML+hq5Y++ehxaiY/nFEgsk7Tve0i25IAVvL5x:bycYC2++ehIf6k7TvZ5Nx

Score

10^/10

stormkitty stealer

Malware Config

Targets

- Target
  
  builder - Copy.zip
- Size
  
  327KB
- MD5
  
  d12b5e91eb03e83dcf8f7678329ff85a
- SHA1
  
  8003bc7d482a838ef87667273d197e2c8ab77e78
- SHA256
  
  42c98e8a72be5aaa67a675393d8e6a8702017de6154307a6dc3950f8dee992ff
- SHA512
  
  6dbc6af500167e5056ef13c9462f80579e69f05b836491eaa853e1b0179859fe9d67b03d8ff180ad83f11c49a596937a3525044bcea7da7846a318fb66ba80da
- SSDEEP
  
  6144:whAypyfJYXIAML+hq5Y++ehxaiY/nFEgsk7Tve0i25IAVvL5x:bycYC2++ehIf6k7TvZ5Nx
Score

1^/10
behavioral1
- Target
  
  builder - Copy/builder/Mono.Cecil.Mdb.dll
- Size
  
  42KB
- MD5
  
  dc80f588f513d998a5df1ca415edb700
- SHA1
  
  e2f0032798129e461f0d2494ae14ea7a4f106467
- SHA256
  
  90cfc73befd43fc3fd876e23dcc3f5ce6e9d21d396bbb346513302e2215db8c9
- SHA512
  
  1b3e57fbc10f109a43e229b5010d348e2786e12ddf48a757da771c97508f8f3891be3118ff3bb84c3fd6bfa1723c670541667cdbf2d14ea63243f6def8f038cc
- SSDEEP
  
  768:Cr5EYZep98C87KHeBUZwrEF7b+gxfM3AkMus4iWJq9F4CRIcZwMRTIzyAt9U2:Cr59g98C87KHeBUbwgKirbdwMRTzAt9l
Score

1^/10
behavioral2
- Target
  
  builder - Copy/builder/Mono.Cecil.Pdb.dll
- Size
  
  87KB
- MD5
  
  6cd3ed3db95d4671b866411db4950853
- SHA1
  
  528b69c35a5e36cc8d747965c9e5ea0dc40323b8
- SHA256
  
  d67ebd49241041e6b6191703a90d89e68d4465adce02c595218b867df34581a3
- SHA512
  
  e8ae4caf214997cc440e684a963727934741fd616a073365fa1fc213c5ca336c12e117d7fa0d6643600a820297fc11a21e4ac3c11613fba612b90ebd5fc4c07e
- SSDEEP
  
  1536:fU2qJ+RazRt/Kc4oJiOxFR4NdJF0/RfhF46HAoYKHgPzpS6w7fa1C9r:s2MRtrfrR+Pe/xAiAzpQ7y1C9r
Score

1^/10
behavioral3
- Target
  
  builder - Copy/builder/Mono.Cecil.Rocks.dll
- Size
  
  27KB
- MD5
  
  c8f36848ce8f13084b355c934fc91746
- SHA1
  
  8f60c2fd1f6f5b5f365500b2749dca8c845f827a
- SHA256
  
  a08c040912df2a3c823ade85d62239d56abaa8f788a2684fb9d33961922687c7
- SHA512
  
  7c47f96e0e7dfaebb4dccf99fa0dda64c608634e2521798fd0d4c74eb2641c848fadad29c2cd26eb9b45acdfef791752959117a59e1f0913f9092e4662075115
- SSDEEP
  
  384:E0ve8JOuJTiC7n2NwxEXCnjB+RXcMeDz8PmR1ugLoaeuLMBG9UphJAprjEduFLHJ:E+meiCyrXOwS8uRssveum1peFLHFBbO
Score

1^/10
behavioral4
- Target
  
  builder - Copy/builder/Mono.Cecil.dll
- Size
  
  337KB
- MD5
  
  7546acebc5a5213dee2a5ed18d7ebc6c
- SHA1
  
  b964d242c0778485322ccb3a3b7c25569c0718b7
- SHA256
  
  7744c9c84c28033bc3606f4dfce2adcd6f632e2be7827893c3e2257100f1cf9e
- SHA512
  
  30b3a001550dca88c8effc9e8107442560ee1f42e3d2f354cc2813ae9030bf872c76dc211fd12778385387be5937e9bf172ea00c151cab0bca77c8aafdd11f7d
- SSDEEP
  
  6144:jFzzF5VOCxfiKKhsw4NiL0XRzx9WoCklyus:BdfiKI4RzWSyu
Score

1^/10
behavioral5
- Target
  
  builder - Copy/builder/StormKittyBuilder.exe
- Size
  
  17KB
- MD5
  
  e936b50ab766fb1fdfee7b01b3e4450a
- SHA1
  
  6b45ee8349b61604c4007e775e34c8ca45cae16b
- SHA256
  
  241b415fdfc53d5c0df654fa70cdf4ddb9df6d5cac6d42e465f521f4321ffdfb
- SHA512
  
  d3091a39156bad832f2d9faee22ddc0f3055dc2562f93a0a5ead04938b528c202a9658d02ef3f5b3f2c36f4508b970d815033cb32e18f7098629b105a1fe93b8
- SSDEEP
  
  192:haVr0QqQdHrlZ/28pGdQCOhNQuMMgKCg3t5p70fOVXIjXFEs55zh4+W/YbWnTrev:KDOghNEMcg9PZrs5HQ/YXc
Score

10^/10

stormkitty stealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
behavioral6
- Target
  
  builder - Copy/builder/build.exe
- Size
  
  106KB
- MD5
  
  7d86ce63fb857ca060c4fe1064c76e61
- SHA1
  
  7ff1d6366e0545cf1b98a8410fb0abd19195e8dd
- SHA256
  
  3ecfbaf4769c2db033505aed0c69fa8c0fda8dda9e343af7ccaf0d50457bd1e0
- SHA512
  
  12f4292f4b6f337da19edbc5071d4e20599da1f7e07cb8ed06b950a7888251a9ec26a07e5d84c2aa935d5613b99de84bab679b43016c17939d353973d56f24a9
- SSDEEP
  
  1536:U7YfZJRZk79wZn8nESiIkD2V37AUIuvQ7sG69bAdI4pxReUbpqp6bDQx:U+RZk7WZnc4YOWQ7sR9bGpxReUbpqD
Score

10^/10

stormkitty stealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral7
- Target
  
  builder - Copy/builder/stub.exe
- Size
  
  107KB
- MD5
  
  eaa8de841b67c55c023f66729791a0d7
- SHA1
  
  1c6ebfb9a9bfa35dfd698876433ae521513fca81
- SHA256
  
  1eb1ec2ae87071342c03080d209fd4983c793204a88772187c7f764c4f4118fe
- SHA512
  
  6fff0b607ed1d29344acdd85b7d4b5e64cfc03b3ad9fc9bb9fca64ccf9021d527b78f6417fd811385c37cd5905b56e03793175c37f84878ad483d0edaede92ac
- SSDEEP
  
  3072:X2ZYhX5B/BrwRlilIEtBeQ7sR9bGpxRBU6pY2z:fhX5e4l5e8u9bY
Score

10^/10

stormkitty stealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

StormKitty payload

Stormkitty family

StormKitty

StormKitty payload

Stormkitty family

Looks up external IP address via web service

StormKitty

StormKitty payload

Stormkitty family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8