General
-
Target
tmpgexr2q_k
-
Size
1.1MB
-
Sample
250322-s8dz8swta1
-
MD5
232c212c9113f53c896dfe41233778ce
-
SHA1
9596f5aaeef3596a3d53fc779f10cd0bac60f0f4
-
SHA256
67f8ac44865344d1ca5dbd1e739061450776db095c676d0afe63c0b406f38996
-
SHA512
734a3de6650522fcc8150b611b37032cb69857c2e0949568f5cc811332027ceed8d1cdb49d485b877b0e4afbd0ae4392dfe8cfe4f867fd95a4d8886abeb67be0
-
SSDEEP
24576:3/iNXaV9x4IUgs36BUI2So5+jnzFoCaGApu8:3q0T+Sk6BU7HIFo7G98
Behavioral task
behavioral1
Sample
tmpgexr2q_k.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
tmpgexr2q_k.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
tmpgexr2q_k
-
Score
10/10
-
StormKitty payload
-
Stormkitty family
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-