kutaki | 3e954b6126839364720363cbb12950a0b4bc91a0e473cfb59bc1a3b091f228d9 | Triage

Sharing

General

Target

CONTRACT PAPER.cmd
Size

2.3MB
Sample

230323-jpkt1agc8t
MD5

7eb3534ce78a2b53a2d8536f1b4c733e
SHA1

f55af08ba5e762cbd3fd0d63b81ef370152e5d7b
SHA256

3e954b6126839364720363cbb12950a0b4bc91a0e473cfb59bc1a3b091f228d9
SHA512

056b06ae6f1c2068245cc45ebc4db81a5d2b13cbc9cb6642b725382989231d5432c4e2f065a49c6186db4979701ab5803a08d8139abcd61ef07b265d094133bc
SSDEEP

49152:nkWk5cS7a+9XYaQ/Zehc4mTYJ78V9gyBn4cXefmP/SA8N:fajJwZ942KQV9hp4DfmP/SA8

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  CONTRACT PAPER.cmd
- Size
  
  2.3MB
- MD5
  
  7eb3534ce78a2b53a2d8536f1b4c733e
- SHA1
  
  f55af08ba5e762cbd3fd0d63b81ef370152e5d7b
- SHA256
  
  3e954b6126839364720363cbb12950a0b4bc91a0e473cfb59bc1a3b091f228d9
- SHA512
  
  056b06ae6f1c2068245cc45ebc4db81a5d2b13cbc9cb6642b725382989231d5432c4e2f065a49c6186db4979701ab5803a08d8139abcd61ef07b265d094133bc
- SSDEEP
  
  49152:nkWk5cS7a+9XYaQ/Zehc4mTYJ78V9gyBn4cXefmP/SA8N:fajJwZ942KQV9hp4DfmP/SA8
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2