kutaki | b925013a9be16ff7d92304e0a913d625401edd0876a1ea76b5e5fb974f436d8d | Triage

Resubmissions

25-05-2023 04:47

230525-fekjpsgb23 10

Sharing

General

Target

Invoice_2505.zip
Size

2.1MB
Sample

230525-fekjpsgb23
MD5

8200263e849df772d48b36b1b49cbc70
SHA1

bcc10008f78b83d9d698b0abe678952a334e629f
SHA256

b925013a9be16ff7d92304e0a913d625401edd0876a1ea76b5e5fb974f436d8d
SHA512

fa439045595bb6ef3c1f492cdddde67bf0c7e590cdfa7ef76903bd96f0124535bb9ae8d2f75d4f232598916c60d8047cf0c29b8b61d16f3cdfc5ad5f6d5f8bd5
SSDEEP

49152:H8WC76tB8ZeF430cJ8cAdhh/0JoNFZ+wAaelyfxmD/2+CND:cWUHeF431xAdhRjHZQaOyfxmD/2+Cl

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  Invoice_2505.cmd
- Size
  
  2.4MB
- MD5
  
  a8f0d2b85e0c077a27bbe9b6c814716f
- SHA1
  
  2da8049841af9719ef1f076b4815cea1d85f81f6
- SHA256
  
  8e23a23412468de86e3bf6bc883fa14102e30d6d452a656a578c3a500aac76a2
- SHA512
  
  ec399e52f75731d5ef588d30242f639399f7e92be78e923c3328a0331d797db4ecd952684dffd229df6eb3652bc215eb8af2136234f89b328f621dedfafc0f17
- SSDEEP
  
  49152:lkWk5cS7a+9XYaQBZehc4mTYJ78V9gyBn4ccfmP/SA8N:RajJqZ942KQV9hp41fmP/SA8
Score

3^/10
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1