General

  • Target

    SecuriteInfo.com.Variant.Bulz.342535.8726.4736

  • Size

    4.3MB

  • Sample

    220818-kf1drsfaa6

  • MD5

    a267d58bf6913e3c289d452109f88f06

  • SHA1

    9413185764215de2c35d250b61bba0978f41fbab

  • SHA256

    7f14f5b831d5c9b212fb43f420c5b685fb5be173564dfb4edff70e29e5a0d306

  • SHA512

    ef1e0bef585633ca98a9ad1ef7c2674ba9e61a5ff7936cbcf549578f7e07d93c9dc6c0fb17e474efd14d0ed2953961503cb7fa1b21e9c68409fc7a930a3193bb

  • SSDEEP

    49152:Id7p3y/X7eQyNlFnGd7p3y/X7eQyNlFnoAqwE5Lrm4LOEQP4sd7p3y/X7eQyNlFX:IdFlsdFlLLE5LrmhE+4sdFlbfmP/SA8R

Score

10/10

Malware Config

Extracted

Family

kutaki

C2

http://ojorobia.club/laptop/laptop.php

http://terebinnahicc.club/sec/kool.txt

Targets

    • Target

      SecuriteInfo.com.Variant.Bulz.342535.8726.4736

    • Size

      4.3MB

    • MD5

      a267d58bf6913e3c289d452109f88f06

    • SHA1

      9413185764215de2c35d250b61bba0978f41fbab

    • SHA256

      7f14f5b831d5c9b212fb43f420c5b685fb5be173564dfb4edff70e29e5a0d306

    • SHA512

      ef1e0bef585633ca98a9ad1ef7c2674ba9e61a5ff7936cbcf549578f7e07d93c9dc6c0fb17e474efd14d0ed2953961503cb7fa1b21e9c68409fc7a930a3193bb

    • SSDEEP

      49152:Id7p3y/X7eQyNlFnGd7p3y/X7eQyNlFnoAqwE5Lrm4LOEQP4sd7p3y/X7eQyNlFX:IdFlsdFlLLE5LrmhE+4sdFlbfmP/SA8R

    Score

    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v6

Tasks