General

  • Target

    https://www.dropbox.com/s/ou3xkgkz9fs49cv/Invoice

  • Sample

    230727-e9zfnshf53

Malware Config

Extracted

Family: kutaki

C2:

  • http://treysbeatend.com/laptop/squared.php

  • http://terebinnahicc.club/sec/kool.txt

Targets

    • Target

      https://www.dropbox.com/s/ou3xkgkz9fs49cv/Invoice

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Drops startup file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
