General
Target: Payment Invoice.exe
Size: 536KB
Sample: 220805-lggtgsaehp
MD5: 9843b9fbac7c29e981b543b30c66558e
SHA1: bc623264ef801a18de80e47b77dd4b273312222c
SHA256: 3638566d6e2badddcb7f89c0b86dc064140d491adbec824cc5cf7386b487160c
SHA512: a9fb7623d0ae4f30d81eef2d3d5904d889d3421d6041c05bbc33531c3d5c484bd81414b7153e8a943d98560ec9a6efdbb0b677c0aaf555af453fb5e513f3b2b9
Behavioral task: behavioral1
Sample: Payment Invoice.exe
Resource: win7-20220718-en
Malware Config
Extracted
kutaki
http://newloshree.xyz/work/kenny3.php
Targets
Target: Payment Invoice.exe
Kutaki Executable
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL