General

  • Target

    689a19bf9eed2b5458ee1ac3eb1b127500f658eee3acde9955efae97fb6ec32f

  • Size

    755KB

  • Sample

    220701-gbmekaecbp

  • MD5

    77f193dbefdabd317c13e70d24fba155

  • SHA1

    efca7bcad227df76ba1f3997bc32a7e18c68999f

  • SHA256

    689a19bf9eed2b5458ee1ac3eb1b127500f658eee3acde9955efae97fb6ec32f

  • SHA512

    d5ee8b4e8ed3184fc0f4c9996364b20538f64ed1f29364d456a28284d845c1e4fd2bdffb17ccc0831644180eb007d1a1fa9943c2514633db2d8e44c543bc27a2

Targets

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
