General

  • Target

    408e62f6612f1ace5d52c48c850a16881504dd50dd3af9bfc245bae8cb7cfeb0

  • Size

    740KB

  • Sample

    220703-mama3ahah6

  • MD5

    1ba628a1b76f3a2f4133f94c7c18f91c

  • SHA1

    876664b10a1fc68dba94efbb6aaa9f8eae3d1fac

  • SHA256

    408e62f6612f1ace5d52c48c850a16881504dd50dd3af9bfc245bae8cb7cfeb0

  • SHA512

    219a3a6e8cea16a58b90d7e2a044c4e7e26145e7e33c5a73033e382b2ccd8f8e16767af8af22f7f1db973733619a03e5cce1a4c2327f2d8f79db67f534f67e24

Targets

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
