Overview

overview

10

Static

static

10

Payment_Receipt.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Payment_Receipt.zip

  • Size

    2.1MB

  • Sample

    230907-nz7tqshd2v

  • MD5

    bf63fc45c319a29cfad91418a47e0936

  • SHA1

    3a659779ecd57473b596b4a047a62fda9f2f672c

  • SHA256

    77dfba9b6f16d20471d46be4faf4b0c7ce5be4b95e767d809ae5b71bfe6b57c7

  • SHA512

    72fa66028808f4b6384491b5cdb2b46e574394ba57d5a38e2a77c03c8c26371a54af8f4f83944bfde191dd3d1b1cac0ee613f9c0bbbbc3b48b53598e8e93ef6f

  • SSDEEP

    49152:Ipq/wcmd6Kwv92DbDAvDc7+uHH62MtHe0RgedBNmP/Q68rJ:Cq4DdDW9wPoe626+05dBNmP/Q681

Score
10/10
kutakikeyloggerstealer

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

    • Target

      Payment_Receipt.zip

    • Size

      2.1MB

    • MD5

      bf63fc45c319a29cfad91418a47e0936

    • SHA1

      3a659779ecd57473b596b4a047a62fda9f2f672c

    • SHA256

      77dfba9b6f16d20471d46be4faf4b0c7ce5be4b95e767d809ae5b71bfe6b57c7

    • SHA512

      72fa66028808f4b6384491b5cdb2b46e574394ba57d5a38e2a77c03c8c26371a54af8f4f83944bfde191dd3d1b1cac0ee613f9c0bbbbc3b48b53598e8e93ef6f

    • SSDEEP

      49152:Ipq/wcmd6Kwv92DbDAvDc7+uHH62MtHe0RgedBNmP/Q68rJ:Cq4DdDW9wPoe626+05dBNmP/Q681

    Score
    10/10
    kutakikeyloggerstealer

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

      stealerkeyloggerkutaki
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks