General
Target
9e13ee156adab18f49542bb2aa805489042260128faf9fd44de825dd2468dc7c
Size
1004KB
Sample
220731-jwqntsgebn
MD5
70d39c25c29fb2dccf9f1ec8c3968fe6
SHA1
be09f6755b4db2349af50ddde6fab592b46854df
SHA256
9e13ee156adab18f49542bb2aa805489042260128faf9fd44de825dd2468dc7c
SHA512
0aa03aec675f95a30a7057e9316d492ce57c2dcbfb24c0990ab38b1a10ac88c2cfe26829201ecd7a92767200e156618f6338798eae7d6b9e86b1aaab1ce03434
Behavioral task
behavioral1
Sample
9e13ee156adab18f49542bb2aa805489042260128faf9fd44de825dd2468dc7c.exe
Resource
win7-20220715-en
Malware Config
Extracted
kutaki
http://maregatu.club/paapoo/pove.php
http://terebinnahi.club/sec/kool.txt
Targets
Kutaki Executable
Executes dropped EXE
Drops startup file
Loads dropped DLL
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.