General
-
Target
Tanks
-
Size
536KB
-
Sample
220805-ggn6caffb6
-
MD5
a695ab311e3449cacf5a2611dffac5bd
-
SHA1
919bcf5d483dc9f3875114cc5fd680218f1316e5
-
SHA256
adf9efacd9820fcb0f0fa83f1eb39732e53706cce443286a6484eb59abcc91ff
-
SHA512
59f512f5a778fd79e6312f5fe9a7edc6987fa1049ba9570dbc1cc43f93c673fcb4a04ae2cae417576f5579cce644bf7567fae4d1996e45572b243bdb987799dc
Behavioral task
behavioral1
Sample
Tanks.exe
Resource
win7-20220715-en
Malware Config
Extracted
kutaki
http://newloshree.xyz/work/kenny3.php
Targets
-
-
Target
Tanks
-
Size
536KB
-
MD5
a695ab311e3449cacf5a2611dffac5bd
-
SHA1
919bcf5d483dc9f3875114cc5fd680218f1316e5
-
SHA256
adf9efacd9820fcb0f0fa83f1eb39732e53706cce443286a6484eb59abcc91ff
-
SHA512
59f512f5a778fd79e6312f5fe9a7edc6987fa1049ba9570dbc1cc43f93c673fcb4a04ae2cae417576f5579cce644bf7567fae4d1996e45572b243bdb987799dc
-
Kutaki Executable
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-