General

  • Target

    cmap_09b6d924e652b34a95fb.zip

  • Size

    481KB

  • Sample

    210628-xlswkj8ah6

  • MD5

    d794ea466f362b686f124afe8efe23b9

  • SHA1

    16fb48709954239904d7027315925a57f8da6774

  • SHA256

    26b7517266f5967dd807168238b40c16fdfbf335779aac3f73fc12eae94718f3

  • SHA512

    22147c359e492102e4738bd4002b6d90f0b4227d78a4371cb8370c669453a8d4a6107aba4d08c758d08937028aa00a7da5389e3e2518e15f5859f2931efa3b9a

Targets

    • Target

      09b6d924e652b34a95fb02274774c1547dd2cf5e4979e2b0e168e3e22d9afb6f.bin

    • Size

      1.1MB

    • MD5

      193a660baa90cbdfb08591fab626fc32

    • SHA1

      5d1df68b8e55a59ea83cd823a8e7db95ffb48d88

    • SHA256

      09b6d924e652b34a95fb02274774c1547dd2cf5e4979e2b0e168e3e22d9afb6f

    • SHA512

      95a2627043b6ae4c1f9ec23f88bc4ee99e52731a30ccd9b10fbf45719a10965ac9e2742385a4a8424a6a26916dfae91639014dee2915f944a72c07797f90545c

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL
