General

  • Target

    0d486324cdfd386ebe13de2b72c18fef0ff6c9aa0a513096f19a2a5277333c7bN.exe

  • Size

    5.7MB

  • Sample

    250323-bgt4psyqz2

  • MD5

    d0c97c1ecff74ea6d68c31501e7f46a0

  • SHA1

    e144738950d117a566f361843e840b1929a6a304

  • SHA256

    0d486324cdfd386ebe13de2b72c18fef0ff6c9aa0a513096f19a2a5277333c7b

  • SHA512

    5c2aa7b75d249647f03ea6ebda4bda03a1d0d85f43c172b29e4dd4e56c8394727710cece5e1196b719befae5e3dc05aeb8d8bb90e1f34f363d97d3554757f2a8

  • SSDEEP

    98304:3cQg+id0+pUl6oJM76ijQLfs7g707Pq76XtDU8P54xeN4L:3Lid04o6oJM76oQ7s7E0j5tI8PbU
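
Before trusting a sandbox report for a file in hand, confirm the file is the same sample. The following helper is an added example (not part of the report or of the sandbox's tooling): it hashes a file in chunks with every algorithm the report lists and compares the result against the reported digests. The `REPORTED` values are copied from the General section above; `digest_bytes` is there so the logic can be exercised on constructed data without the sample.

```python
"""Verify a local file against the digests reported for the sample (added example)."""
import hashlib

# Digests exactly as reported above for the 5.7MB sample.
REPORTED = {
    "md5": "d0c97c1ecff74ea6d68c31501e7f46a0",
    "sha1": "e144738950d117a566f361843e840b1929a6a304",
    "sha256": "0d486324cdfd386ebe13de2b72c18fef0ff6c9aa0a513096f19a2a5277333c7b",
    "sha512": "5c2aa7b75d249647f03ea6ebda4bda03a1d0d85f43c172b29e4dd4e56c8394727710cece5e1196b719befae5e3dc05aeb8d8bb90e1f34f363d97d3554757f2a8",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(fp, algorithms=ALGORITHMS, chunk_size=1 << 20):
    """Hash a binary stream once, feeding every algorithm from the same 1 MiB chunks."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    while True:
        block = fp.read(chunk_size)
        if not block:
            break
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data, algorithms=ALGORITHMS):
    """Convenience wrapper for in-memory data (used for the self-test below)."""
    import io
    return digest_stream(io.BytesIO(data), algorithms)


def digest_file(path, algorithms=ALGORITHMS):
    with open(path, "rb") as fp:
        return digest_stream(fp, algorithms)


def compare(actual, expected):
    """Return {algorithm: bool} for each reported digest; keys and hex are case-insensitive."""
    normalised = {k.lower(): v.lower() for k, v in actual.items()}
    return {name.lower(): normalised.get(name.lower()) == value.lower()
            for name, value in expected.items()}


def verify_file(path, expected=REPORTED):
    """True only if every reported digest matches; the per-algorithm detail is returned too."""
    result = compare(digest_file(path), expected)
    return all(result.values()), result


if __name__ == "__main__":
    import sys
    ok, detail = verify_file(sys.argv[1])
    for name, matched in detail.items():
        print(f"{name:7s} {'match' if matched else 'MISMATCH'}")
    print("sample identity confirmed" if ok else "this is NOT the reported sample")
```

A single mismatching digest is enough to reject the file: a partial match (for example only MD5 agreeing) would indicate a collision or a transcription error rather than the same sample, and ssdeep similarity is deliberately left out because it measures resemblance, not identity.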

Malware Config

Targets

    • Target

      0d486324cdfd386ebe13de2b72c18fef0ff6c9aa0a513096f19a2a5277333c7bN.exe


    • StormKitty

      StormKitty is an open source info stealer written in C#.

    • StormKitty payload

    • Stormkitty family

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read to detect sandbox and virtual machine environments.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Accesses Microsoft Outlook profiles

    • Checks whether UAC is enabled

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to discover the infected system's external IP address.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calling NtSetInformationThread with the ThreadHideFromDebugger information class hides the calling thread from an attached debugger, a common anti-debugging technique.
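
The behaviours above are what a sandbox signature engine matches against the sample's recorded activity. The script below is an added example (not the sandbox's own rules or StormKitty code) that reproduces the same triage over a constructed, simplified event log: each line is `type|process|detail`, and each rule maps a behaviour from the list above to a regular expression over the detail. The event lines, the IP-lookup hostnames and the ATT&CK technique IDs are my own assumptions for illustration; the report's ATT&CK section is empty, so the mapping is not the page's.

```python
"""Match a constructed sandbox event log against the behaviours reported above (added example)."""
import re
from collections import defaultdict

# Constructed events, not output of any real sandbox. Format: type|process|detail
SAMPLE_EVENTS = """\
registry|sample.exe|HKLM\\HARDWARE\\ACPI\\DSDT\\VBOX__
registry|sample.exe|HKLM\\HARDWARE\\DESCRIPTION\\System\\SystemBiosVersion
registry|sample.exe|HKLM\\HARDWARE\\DESCRIPTION\\System\\VideoBiosVersion
file|sample.exe|C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data
registry|sample.exe|HKCU\\Software\\Microsoft\\Office\\16.0\\Outlook\\Profiles\\Outlook
registry|sample.exe|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA
http|sample.exe|GET https://api.ipify.org/
api|sample.exe|NtSetInformationThread(ThreadInformationClass=0x11)
file|explorer.exe|C:\\Windows\\System32\\kernel32.dll
"""

# (signature name from the report, event type, detail regex, ATT&CK technique I assign)
RULES = [
    ("Identifies VirtualBox via ACPI registry values", "registry",
     r"\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", "T1497.001"),
    ("Checks BIOS information in registry", "registry",
     r"\\HARDWARE\\DESCRIPTION\\System\\(System|Video)Bios(Version|Date)", "T1497.001"),
    ("Reads user/profile data of web browsers", "file",
     r"\\User Data\\[^\\]+\\(Login Data|Cookies|Web Data)$", "T1555.003"),
    ("Accesses Microsoft Outlook profiles", "registry",
     r"\\Software\\Microsoft\\Office\\[\d.]+\\Outlook\\Profiles", "T1114.001"),
    ("Checks whether UAC is enabled", "registry",
     r"\\Policies\\System\\EnableLUA$", "T1012"),
    ("Looks up external IP address via web service", "http",
     r"https?://(api\.ipify\.org|icanhazip\.com|ipinfo\.io)", "T1016"),
    ("Suspicious use of NtSetInformationThreadHideFromDebugger", "api",
     # ThreadHideFromDebugger is THREADINFOCLASS 0x11 (17)
     r"NtSetInformationThread\(.*ThreadInformationClass=0x11", "T1622"),
]

ANTI_ANALYSIS = {
    "Identifies VirtualBox via ACPI registry values",
    "Checks BIOS information in registry",
    "Suspicious use of NtSetInformationThreadHideFromDebugger",
}


def parse_events(text):
    """Split the log into dicts; malformed lines are skipped rather than crashing triage."""
    events = []
    for line in text.splitlines():
        parts = line.strip().split("|", 2)
        if len(parts) != 3:
            continue
        kind, process, detail = parts
        events.append({"type": kind, "process": process, "detail": detail})
    return events


def match_signatures(events):
    """Return {signature name: [matching details]} for every rule that fires."""
    hits = defaultdict(list)
    for ev in events:
        for name, kind, pattern, _technique in RULES:
            if ev["type"] == kind and re.search(pattern, ev["detail"], re.IGNORECASE):
                hits[name].append(ev["detail"])
    return dict(hits)


def techniques(hits):
    """Sorted, de-duplicated ATT&CK technique IDs for the signatures that fired."""
    return sorted({tech for name, _k, _p, tech in RULES if name in hits})


def summarize(hits):
    """Split fired signatures into evasion versus collection so the analyst sees both at once."""
    evasion = sorted(n for n in hits if n in ANTI_ANALYSIS)
    collection = sorted(n for n in hits if n not in ANTI_ANALYSIS)
    return {"anti_analysis": evasion, "collection_and_recon": collection,
            "techniques": techniques(hits)}


if __name__ == "__main__":
    found = match_signatures(parse_events(SAMPLE_EVENTS))
    for name, details in found.items():
        print(f"[+] {name}")
        for d in details:
            print(f"      {d}")
    print(summarize(found))
```

Two details matter when adapting this to real sandbox output. The rules key on the event type as well as the detail, so a browser path that merely appears in a command line string is not counted as a read of that file. And the evasion checks are reported separately from the collection behaviour: when a run shows only the VirtualBox and BIOS lookups and none of the browser or Outlook access, the sample probably detected the sandbox and exited early, and the absence of stealer activity should not be read as benign.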

MITRE ATT&CK Enterprise v15

Tasks