kutaki | 7be7c55b508491fc120da9f6e3390bd35f97c234088a1d512bc0209fe700cff2 | Triage

Sharing

General

Target

Invoice No 3031.zip
Size

610KB
Sample

230419-epaltagb72
MD5

a2085e75897e90b690272839e0780a2d
SHA1

f70f7dc4f0c41b30845a259eeeb88dc5a885566c
SHA256

7be7c55b508491fc120da9f6e3390bd35f97c234088a1d512bc0209fe700cff2
SHA512

7ba742697f1696a88d27e5870a0821817b35c5d35f2c4ae44d543753f07b51ae99673e39a60e901adb274ddcc7af119c60277f0676914d11c6c40cb3fd0c40e9
SSDEEP

12288:3n04QA9/mR/U7uLgkS0sCkt/FYRWXgIG9ABWt6EKegZfi9oAr:3tmR/+DkS0sCktN2feBpEKeSi1r

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  Invoice No 3031.cmd
- Size
  
  392KB
- MD5
  
  834d27a3338f27c774f1ac360bd811a2
- SHA1
  
  8b7c89a775b2cbe13b254ca062eea65f7c2ac6d6
- SHA256
  
  30dfdf5dc70837a7d9a22bb1128100ba462ef69d3cf97eaa65e7104dd19ce6d7
- SHA512
  
  64b75de52045819d4579c3fc35dd8364669f3564ae3aea63a939bf38f6f85636fe3b9aa719969989b9f4f1d91e1366b329ddd270aae60e5b3f091de46bd09c08
- SSDEEP
  
  6144:NioDjSNztkmcu1S4GlA9jmHv/VCSY3hw9lMbk6u1QMS0y+lqiHTonWryFDYR:wK46A9jmP/uhu/yMS08CkntxYR
Score

3^/10
behavioral1 behavioral2
- Target
  
  Invoice No 3031.cmd
- Size
  
  392KB
- MD5
  
  834d27a3338f27c774f1ac360bd811a2
- SHA1
  
  8b7c89a775b2cbe13b254ca062eea65f7c2ac6d6
- SHA256
  
  30dfdf5dc70837a7d9a22bb1128100ba462ef69d3cf97eaa65e7104dd19ce6d7
- SHA512
  
  64b75de52045819d4579c3fc35dd8364669f3564ae3aea63a939bf38f6f85636fe3b9aa719969989b9f4f1d91e1366b329ddd270aae60e5b3f091de46bd09c08
- SSDEEP
  
  6144:NioDjSNztkmcu1S4GlA9jmHv/VCSY3hw9lMbk6u1QMS0y+lqiHTonWryFDYR:wK46A9jmP/uhu/yMS08CkntxYR
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4