General

  • Target

    Payment Invoice.exe

  • Size

    528KB

  • Sample

    210515-bgjq7azwbe

  • MD5

    320090d1ac9ba762c9bd040360f9c65e

  • SHA1

    71013173b62a70b2dd92a9ba7a0deffdbf2785a2

  • SHA256

    72cb55cebcda51aa5c12fe82b731bf03fc96b15fc28eda52b2e7cb47de52af09

  • SHA512

    56eb784e79bc12362273917717f32306bdb0f00714442584263bd4ab11a3cbc73b630ba8256a09e88386395c75743b34c9a90e0e1bfc778e455ece8a25175618

Targets

    • Target

      Payment Invoice.exe

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL
