General

  • Target

    b275f024acde70ac070eb766969a1227ccbf34b4012dbef68d0db0d2910b3caa

  • Size

    772KB

  • Sample

    220326-tpsvqaega7

  • MD5

    195938a648efcaf6fcf0a1a3ccde0b7d

  • SHA1

    475af17dfa9fb2dc370554710fc2b7a4f6bdd2e9

  • SHA256

    b275f024acde70ac070eb766969a1227ccbf34b4012dbef68d0db0d2910b3caa

  • SHA512

    5f2415687dd44e8e9e2bcc89c1ddc077fad1d789c64f249306e0b10578029b7821588cb3df80dfa545732583eccea091a0f49fdff85d4455546b2691b440acac

Targets

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL
