General

  • Target

    d19992427b37f915362eb526956176c9

  • Size

    438KB

  • Sample

    211016-cfjr1scdfk

  • MD5

    d19992427b37f915362eb526956176c9

  • SHA1

    00c2b8f572afdcf91e3df56da532db18647667b9

  • SHA256

    8451eb87e2a3a73db78dceca538ffe5bec614f1297171910c57bd93484f679b7

  • SHA512

    6c1f15caa1e18c38ae7b8005911a8d02791e9ca29bf65d47c60014f685709cf5a421070937344a8e59160f44e41295dbdb6a08031ce18098c9683b5e26071c78

Targets

    • Target

      Tax Payment Challan.exe

    • Size

      608KB

    • MD5

      9c3259f246b2cd7518816219582660e6

    • SHA1

      ea8e49f9d6f50f5e2a209980338e1ee7621d0539

    • SHA256

      643cc72707fe55509c2798066f324eff41c95c9a3d0653110c377f4bf453c636

    • SHA512

      e255796bb0200086fc08869ab5d9773166ef3da757aa63c095059deeef16e555a41fd98a10bfe4466fb64115a03ee312839f91fdb17e7f2e364f7176c77531fa

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL
