General

  • Target

    42a599077c305dc279440b0107ad763be0217960c598e16fa74182ed2457c2d3

  • Size

    402KB

  • Sample

    220708-caf4yaeed7

  • MD5

    079f8ff2f6952a0f9b3ab3cbd74d0420

  • SHA1

    fdbb836f1f883030d683792355f0b850439a2a9d

  • SHA256

    42a599077c305dc279440b0107ad763be0217960c598e16fa74182ed2457c2d3

  • SHA512

    f1c6f898f37072970e97dbee4d1739a16b05068d6f142bc00ae8c077f1ee2cb220c6b58ae50cb1e1f928073d14b212c0b8b4227415c9d4005e7949a399129864

Targets

    • Target

      Tax Payment Challan.scr

    • Size

      816KB

    • MD5

      62fd0aecb02f01f3a59131ba5ae8d38a

    • SHA1

      2c89f903ad958316ed22706c740cde7ee759247f

    • SHA256

      bdecdba010952f854106cced016ee000bfa09dd499d66fbc43acd585c9348c29

    • SHA512

      84ef0834069a71dc1e4b73c2a927a7357dc066ff72ef479166695d45ee631155b785c1009248b2fbb8452945f8db83f4e89e5cbbc4f974d2d7ac05f8f68e2dba

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
