General
-
Target
StormKitty.Builder.zip
-
Size
5.5MB
-
Sample
250417-waqg6axsfy
-
MD5
0c0015680539af7ffb68272b800db5f6
-
SHA1
2b0c7294ee81a20fabef2c936fca56a82b8cfbfe
-
SHA256
5b2415107c80165c255d444ca76ac2b1b422e5f4a1661380c39504139b75867c
-
SHA512
570c6d16bb7d02ffdef3e1ebbfc036a7900d78f931e1f0ec0eb53b3cd04f2a266a942801fddadcb43351ee8642596ee01feac2dfe8445a5437d4c2720597528c
-
SSDEEP
98304:C4kt1M20VX66e1GPLgbQBhHGtgsNoN0DtIrw5ntEhZCn/lLiWO9r28BHXHk95D5J:nE+OGo8BGasNo8cw5+CskIXE/Dcw
Malware Config
Targets
-
-
Target
StormKitty.Builder/Builder.exe
-
Size
40KB
-
MD5
766b531d3ea87df07f4a30478e0b6fea
-
SHA1
3a723efa352eff3421bb1a6fbee9aac3c68a56bd
-
SHA256
d3cf46a48919b2e21163ec3a38b3212eb2a130c0c58e9797590d0ef1767583d8
-
SHA512
a8ba8f652cf030daad7ef4971b41253cfe57717b70c4aeed0ce1689a73d6d92562185e9b9aa672f6da1ce4ab476b152d08026060ed41d1b97f19044c135b4742
-
SSDEEP
384:gWSeROQvTrHR5szYa/Yw2MX1nHmFrooooooooooboooooooooLzyCWS/h4:xzjTDHsz/YSNyeyD04
Score10/10-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty payload
-
Stormkitty family
-
-
-
Target
StormKitty.Builder/Mono.Cecil.dll
-
Size
337KB
-
MD5
7546acebc5a5213dee2a5ed18d7ebc6c
-
SHA1
b964d242c0778485322ccb3a3b7c25569c0718b7
-
SHA256
7744c9c84c28033bc3606f4dfce2adcd6f632e2be7827893c3e2257100f1cf9e
-
SHA512
30b3a001550dca88c8effc9e8107442560ee1f42e3d2f354cc2813ae9030bf872c76dc211fd12778385387be5937e9bf172ea00c151cab0bca77c8aafdd11f7d
-
SSDEEP
6144:jFzzF5VOCxfiKKhsw4NiL0XRzx9WoCklyus:BdfiKI4RzWSyu
Score1/10 -
-
-
Target
StormKitty.Builder/icons/nord/Folder - Favorites.ico
-
Size
23KB
-
MD5
662b77d3b2c6d29dd29b2e23da67dab3
-
SHA1
d249c819b9cda535420e2956740107328e7e247c
-
SHA256
c3402a5d67a2b3a360a3c275805fcf75b9c2343d0c97f7a9c8448ac97e29410c
-
SHA512
f6bf65c212570023881aa8911977e92aa511a52173dd2835f58c078077c8a9c01b9952985ef283fab45230ea00e17a511acaa0cb30ebf3533d873fa0c0b19fb2
-
SSDEEP
384:WDuQWPYHleKilluIgImIm80KiMyc6f0sKUIHTIqILIMIAI9IuC/V+SeTHIbMwt4Z:WfZHktBC/wSeTobMwt4XR6EQiZTg0H
Score3/10 -
-
-
Target
StormKitty.Builder/obfuscator/Confuser.CLI.exe
-
Size
28KB
-
MD5
f03e1cfb8bfed0b793243a3fe5b19588
-
SHA1
686baab670836df515af6131e1e89737b13d503d
-
SHA256
2b3e5cb7f96589e5377700a5f7f25e9fc6a14539e85256e6ac6e85c07f769f61
-
SHA512
a57f3807a9064288080e8585d6193d184015ae832c91d4a1ed5f89070ceaddf00fede0727869c31045cd46c1fd5fef6b7baf9da7869cb80950b08dfb141fe051
-
SSDEEP
384:9pFyvbsul3krz2AmtZ1TltphRieCcJObGPIj8SC3sY75Y+wGIQlWqj8z9DV+V/8O:9f83k32AWH9hgbNzI5VogBji15/kHX
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Confuser.Core.dll
-
Size
179KB
-
MD5
b55534baec3ed55e42d9bf240073e8b8
-
SHA1
717b69eafed93ddfccb8ffd866351ec236824e6b
-
SHA256
05672d22e3158e033e6a8990591311220f8efaa2c6159cccc6d08e8fa128f498
-
SHA512
27b9fc3aad0e6c710f1ff719f037e4785596b645faddc41e94d643bf9979da71d3b65b460a0fd9dad4d0079cb2fb1388675c9f1ef1e4677e898504244155a80d
-
SSDEEP
3072:kZHMUz2+yLcxf0YXmIG3cu0csGFc+Jp0hFhbEiSXB8BpOmdlrWLpYaOj4lf+Q1e:u1z2+yLAsuG3cu0csGFc+JkF1WYYjR+
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Confuser.DynCipher.dll
-
Size
46KB
-
MD5
34c77aee4f10e87cd655b26fff5e2898
-
SHA1
87c09d032fe0be6e18e561691702132c1b68c7da
-
SHA256
f146b894d5b8725b59124f313970fa9cb897ea6a09f2fe093e36832874f85674
-
SHA512
5bde380fcfce5f62721a014d37fcc37787ab74795f5afba0e808408ce7163c5b4dba5ea7c91eedb8a3dc57621ee7ee1ef84e8d7778eaceb9d8aa4b2255d1a953
-
SSDEEP
768:5GQQiCe6tUSZiOcZ6i/g0gJaMzddddddddddddddxddodTDEdFddEdEdUjdrJFdQ:5gip6liOe6YWFzddddddddddddddxddB
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Confuser.Protections.dll
-
Size
128KB
-
MD5
ed24fd75334b55be2728407eecb8c61e
-
SHA1
92ffa769d3ecbb8f02eda77c87fe75b291b73e8c
-
SHA256
a1d689aa8cc4b239e34fa97f9713f0ef9fe1b2ae26297818ea5edac9721b0d36
-
SHA512
c51031520b52e5bb1f53af21f3d2e3f1eebc17619d2b16961ce9f63c913a47c6bced2c68f1cbb8d919e64b5fbdc5f3695e40aed15a62d9dd87fb07ef59ac08af
-
SSDEEP
1536:ap6vUdXA6rWPF0kNq86q1Rq7y//stUxFXRzRQ2BmiwM6DipT829iT8AjDNlN4:k5ADP+kNF6q13/UtsFXddB829i7lN4
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Confuser.Renamer.dll
-
Size
303KB
-
MD5
5f2523c16e9509e66e243c533e9d1429
-
SHA1
2264222525f4a28d127f890fec0911d443424cc2
-
SHA256
61f2780c0823c10aecf3e1df2d422b3ea1f1d286652668bd06790496e22fdfc2
-
SHA512
1d4638905f728894c80b2878d59e0bb69a8777f7d79a75ba7980663d3d12367257211cd3b301ccd7d3b2c58a3fd8f95fb90189c7c8236b4a3b717b78b859b764
-
SSDEEP
3072:eWdJgCtrmGkMrMAi3nfVqJ2z4xLB5hpcJa2ocDv9jPSj6LU/th183cok7NYZ1//e:ndxtKVYnpcg3jpShq
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Confuser.Runtime.dll
-
Size
42KB
-
MD5
43afbe110d9d9e4bc930137e3d7a76f2
-
SHA1
b7b42a04b2876095cdb1fa786d193119b0187e85
-
SHA256
df47f392af638f6abc0b1d4588a092c34e2b5bd4c9dd55bee0588aa8d1095dce
-
SHA512
d6a534531854fbe69ac64a587cb5ca093a70cfe3117e9713e2fca59226106b96123d4f74655f6751852d38de424f3d9cc9ba4a8f4be44ba25f1ef5a23f794034
-
SSDEEP
768:NVa33blIUOFjFjYxSjA4firWWy75sJUJ0cVSecNvRj2luQWKtsM7M3Y7IVqwocsq:NUZ4f2q5OUJfVJcpK1Y3Y7IVqwocCK
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/ConfuserEx.exe
-
Size
387KB
-
MD5
4c1e657978a4e3541fc918111fe1cb45
-
SHA1
96e4d1267e188c9038ef77a6a53f8e184e246afa
-
SHA256
25f62aebb3b5b770109f428a4bde2ae5de0c6a7820a4239935df6a011d388047
-
SHA512
27c91d0aa4b017a3e7c2cf05ceb53aea5c6b4fe5bc3ff324c4e31853982d1305c906c1064efed8a0a0def969dc52e07ae9ae8c71bd5aadfa663e85c7a33ae1bc
-
SSDEEP
6144:CCX7SpYHHTBozY8VwaWUdL1w3o6qUjIp6uWd:CxpYHHTObVwaWs+3jjIsuc
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/GalaSoft.MvvmLight.Extras.WPF4.dll
-
Size
25KB
-
MD5
c3da80ccd3f75aa501b1fdfc4c84356a
-
SHA1
dfeee09dda1459817d38f815179a70e14b4ac80d
-
SHA256
3bedc71f4e45b886f7d3b26d64dd8d3c476967f867c1db6df72aaea04749e3b5
-
SHA512
659f0a047e9f5790642dbd79ad3a7b8bbea4ccfe2fc1bd200adf13a52b65decde3d2348772f94c2bb3d70278988ae400bbf89fa8e8d93dde6919cc0722afcfdc
-
SSDEEP
384:6Taz9Dvrbn00XZcEMqjou+l2byXNBJKZLYkzsYLydvo1PyvqAjMu:YqP00XRMqx+l2byTwHPLavo1PqqAjMu
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/GalaSoft.MvvmLight.WPF4.dll
-
Size
28KB
-
MD5
9f02cf4213025fbc586911f0f21f9326
-
SHA1
7a36bbc1631d5c58c389ab1504defd4c5b455dab
-
SHA256
1b38a543efc299dc4ad2ba27a80f75f372a3946035bf9f3e429cda6548d855a0
-
SHA512
e9835b7ebd83505cbe3ae3c2a7f650fed07542ae9986b6a249b9fc034cb4e2cdc878bb9401314b563e2c9f4d405d1827fc9a240fa754cbce48cb704defe78feb
-
SSDEEP
768:2S9I2WCOryU9syVui9hOJ7AgjOfTqQnGG59O4kAdMxqqAVs6B:lLOryU9sy1QOq9G5QgAVAJ
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Microsoft.Practices.ServiceLocation.dll
-
Size
17KB
-
MD5
e834e45855e8d220b0c5d0c1cac24e44
-
SHA1
d8aaf831cf5b90a206ee9348386a72498af0c0ee
-
SHA256
78ac70411c71b7a0c68fe8746edd3f3a8cd3f72044b329a40ab53c57891be37d
-
SHA512
f91a3fa6d522ad5f977af744618d5adc1a6caea0645d870e10962e00c03534cc3a9fa1d82001627f5b6fc3186bd51e3e69d16dd689c5e7cd4d84ac66ae9a63f3
-
SSDEEP
384:U0xk42ZtyyslnQyrgbPyIH/rFzsX+cAW++2Wx1q//0GftpBjIc0:DVegwRe+c3S8iC/
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/Ookii.Dialogs.Wpf.dll
-
Size
101KB
-
MD5
0639ef1897705ee546e1580bc33d8286
-
SHA1
894df794d1ff2ae657bc0c5ac3d4f7f64a91e0c2
-
SHA256
1e39859b4c14afabbef8b3c3ad2607524148757fdb25bd1b2d801facebd5032f
-
SHA512
d0cf4fb5b5b923b97b3ad343031b257acceddbb06dd5bb67106d2d75ad7a5f56cd97c849eacd245e4c760453db78d252cd0c755e7274b42fb272b4ddd3aef3ef
-
SSDEEP
1536:jV8mYEiU5uh8sm6b0HR4+mDe1ZcmzAyHIuciBwKaHSWhqrbB3/G2y:x8mYEioo6ZjPcuci2Sd9G
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/System.Threading.dll
-
Size
378KB
-
MD5
f5ee17938d7c545bf62ad955803661c7
-
SHA1
dd0647d250539f1ec580737de102e2515558f422
-
SHA256
8a791af9e3861e231662b657098a823b21a084cbb6a4901d6ccf363405849a78
-
SHA512
669a89ad811cda4f3ff4aa318aa03e26e4cb41ea22bc321bad02a671273d867cbd223a64bb30da592a5484a9f1cec77c96f5bf63b1fe586b6d3688b8c9da530c
-
SSDEEP
6144:mH4bNycoylcQQAzB0ebN+pM4CHavptCyO3mEQGS/eoO4:mYbNWQQAzB0e176veD3mPh/O4
Score1/10 -
-
-
Target
StormKitty.Builder/obfuscator/System.Windows.Interactivity.dll
-
Size
39KB
-
MD5
3ab57a33a6e3a1476695d5a6e856c06a
-
SHA1
dabb4ecffd0c422a8eebff5d4ec8116a6e90d7e7
-
SHA256
4aace8c8a330ae8429cd8cc1b6804076d3a9ffd633470f91fd36bdd25bb57876
-
SHA512
58dbfcf9199d72d370e2d98b8ef2713d74207a597c9494b0ecf5e4c7bf7cf60c5e85f4a92b2a1896dff63d9d5107f0d81d7dddbc7203e9e559ab7219eca0df92
-
SSDEEP
768:6MazwAgR8/XJ665bKZdxuB8DCuL5enM7JxKjuMlZCZN+R0E7E:63wBccZdxuB8mQen6JxKjrlMZgR0Eo
Score1/10 -