General

  • Target

    RTGS Payment Confirmation.exe

  • Size

    1.1MB

  • Sample

    210714-dt8t8mzdja

  • MD5

    2cacb86c012f9210617b71fd4497cdc4

  • SHA1

    845264902c3666d4ac8611355911ee8791dfdbd9

  • SHA256

    920ffd770f11e6114c2f664391891d850906d71010618eba1577f247c5247d64

  • SHA512

    b3941b01cc3ac364489e3bd2a940befa6629676e21a72a3f98237933014f334cc1827a0641bf81d280ef66d9b2e16ff9aeda379d6330b73b6b3e25bec9c84d17

Malware Config

Targets

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks