kutaki | 1add4a876fb3d2a2f694ee3eecb0d6d5600efdad1b9f4a2fd27f7babfc265ce4 | Triage

Sharing

General

Target

Invoice No 74492.cmd
Size

2.3MB
Sample

230512-hjsf8acb44
MD5

d61b4e414e08564e3c76514dabc61bc7
SHA1

c4497f7036a753b19d4c22eb68d943fd4908bb3d
SHA256

1add4a876fb3d2a2f694ee3eecb0d6d5600efdad1b9f4a2fd27f7babfc265ce4
SHA512

d760efa49774c9e72fe8a911c08ac945342878252a19627a3a41be5e91eaab9b4bfa5982fee5c27df10e0a4645435393a3191f5116b6ac3a8a789a8db2ef7f37
SSDEEP

49152:OkWk5cS7a+9XYaQRZehc4mTYJ78V9gyBn4co5fmP/SA8N:yajJiZ942KQV9hp4ffmP/SA8

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  Invoice No 74492.cmd
- Size
  
  2.3MB
- MD5
  
  d61b4e414e08564e3c76514dabc61bc7
- SHA1
  
  c4497f7036a753b19d4c22eb68d943fd4908bb3d
- SHA256
  
  1add4a876fb3d2a2f694ee3eecb0d6d5600efdad1b9f4a2fd27f7babfc265ce4
- SHA512
  
  d760efa49774c9e72fe8a911c08ac945342878252a19627a3a41be5e91eaab9b4bfa5982fee5c27df10e0a4645435393a3191f5116b6ac3a8a789a8db2ef7f37
- SSDEEP
  
  49152:OkWk5cS7a+9XYaQRZehc4mTYJ78V9gyBn4co5fmP/SA8N:yajJiZ942KQV9hp4ffmP/SA8
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2