General

  • Target

    SecuriteInfo.com.Variant.Ursu.936368.26254.27014

  • Size

    3.8MB

  • Sample

    220822-c2fmgscdf9

  • MD5

    d1b586770ba96cc84263f0d57528c7d3

  • SHA1

    dd68478ad1dc3ce4b097e189a7a7ef2535c18f3b

  • SHA256

    b88e6f01d21c1b53829821e235cadac0553258a12521865acbd99d03b7b551a1

  • SHA512

    0264ad585290ffea98043c57c190fdf02611bb9c2a26c852d0e58195bcc4d13fc7ec74c865bb3fa56f8f89d344c8632c4eb0b0a4a4f7f7c089d1f1cc290fdf44

  • SSDEEP

    98304:Th8I5Rmg0phI7SRhGfj+HGjamWen0nuIjt1glI5OAfmP/SA8Z:TOaqaSRO+HGj+en0tg2kymnShZ

Score
10/10

Malware Config

Extracted

Family

kutaki

C2

http://ojorobia.club/laptop/laptop.php

http://terebinnahicc.club/sec/kool.txt

Targets

    • Target

      SecuriteInfo.com.Variant.Ursu.936368.26254.27014

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
