Overview

overview

10

Static

static

10

SecuriteIn...02.exe

windows7_x64

3

SecuriteIn...02.exe

windows10-2004_x64

7

Resubmissions

14-07-2022 15:43

220714-s55nsacbd4 10

17-06-2022 01:34

220617-by4dpscea6 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Variant.Symmi.62789.30802.23604

  • Size

    1.1MB

  • Sample

    220714-s55nsacbd4

  • MD5

    88b1e9514adcdc4941f53ac88aa7db69

  • SHA1

    f53bc85c538a7ac70ab66c6f9598e8f3fd003d38

  • SHA256

    6d0cf17f8f261b8c65feef7b2dbec93ceac870ca0daf6f400625c89744a4f710

  • SHA512

    0636e75ad959a39da231cf416070f9541f9a04cec740937c21a5981d2ff7b3cbb090f78e792a819c18608e8acaf98310e02dfefe36269b2b956a779f03021853

Score
10/10
kutaki

Malware Config

Extracted

Family

kutaki

C2

http://ojorobia.club/laptop/laptop.php

http://terebinnahicc.club/sec/kool.txt

Targets

    • Target

      SecuriteInfo.com.Variant.Symmi.62789.30802.23604

    • Size

      1.1MB

    • MD5

      88b1e9514adcdc4941f53ac88aa7db69

    • SHA1

      f53bc85c538a7ac70ab66c6f9598e8f3fd003d38

    • SHA256

      6d0cf17f8f261b8c65feef7b2dbec93ceac870ca0daf6f400625c89744a4f710

    • SHA512

      0636e75ad959a39da231cf416070f9541f9a04cec740937c21a5981d2ff7b3cbb090f78e792a819c18608e8acaf98310e02dfefe36269b2b956a779f03021853

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks