General

  • Target

    db983f3dd070a7b403f0b56f7b377959c46416b3b48328b2e343f2ecd988b841

  • Size

    732KB

  • Sample

    220701-eddjbsaggk

  • MD5

    a20059fdc62668a1bc68d5f1691b33de

  • SHA1

    6f86fab1c3f5897c46e7a8a9386214c1dd3be4da

  • SHA256

    db983f3dd070a7b403f0b56f7b377959c46416b3b48328b2e343f2ecd988b841

  • SHA512

    5a882b4b51ee7bb9e3afd7033004391f9d71e82775da0034eb44cdaf1df1b6061a379a854d20576f3010d266f6475607fd29550825f1bd110698b5d525b986cb

Targets

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
