General

  • Target

    a09fd5ecf91fcdc892b38fb7fb356a972134863f8b639f307d01d688d2e3c050

  • Size

    755KB

  • Sample

    220708-y7dwqsffaj

  • MD5

    645be265d5378cdfdda8a059a228b9a2

  • SHA1

    2d7816de252f0881583fce21ccd4ef2e9bfe1dff

  • SHA256

    a09fd5ecf91fcdc892b38fb7fb356a972134863f8b639f307d01d688d2e3c050

  • SHA512

    55ccb2dfdf6776550bda7b476bdaac6ba6dac2d97f215d57b0e164544befbabb8732006cc1d8920452553f38dc453f497266d12d184bee79bb2ce3f5c7702f7a

Targets

    • Target

      a09fd5ecf91fcdc892b38fb7fb356a972134863f8b639f307d01d688d2e3c050

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
