kutaki | 9d6fa0924b1af1e34d01ecf998135140d96ea73bcf1fe28941f66e1ba3f7d9bf | Triage

Sharing

General

Target

hahaha.exe
Size

2.3MB
Sample

231107-p2pllsee2w
MD5

d28dc0c7e546e8f0e4ac5b9106d72fda
SHA1

1d6720b2e4bfe813adfbe2b45e9554e3b4b08542
SHA256

9d6fa0924b1af1e34d01ecf998135140d96ea73bcf1fe28941f66e1ba3f7d9bf
SHA512

e279c197f83cf0bbcedead49f7efa7d8176187740b6f145f1058c714ab2fb7c250aee01b8f8dd625bcd1d7b5d50dd5c5c9e82409a1d06885d026f014b9c9ba7e
SSDEEP

49152:nkWk5cS7a+9XYaQ6Zehc4mTYJ78V9gyBn4czPfmP/SA8N:fajJhZ942KQV9hp44PfmP/SA8

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  hahaha.exe
- Size
  
  2.3MB
- MD5
  
  d28dc0c7e546e8f0e4ac5b9106d72fda
- SHA1
  
  1d6720b2e4bfe813adfbe2b45e9554e3b4b08542
- SHA256
  
  9d6fa0924b1af1e34d01ecf998135140d96ea73bcf1fe28941f66e1ba3f7d9bf
- SHA512
  
  e279c197f83cf0bbcedead49f7efa7d8176187740b6f145f1058c714ab2fb7c250aee01b8f8dd625bcd1d7b5d50dd5c5c9e82409a1d06885d026f014b9c9ba7e
- SSDEEP
  
  49152:nkWk5cS7a+9XYaQ6Zehc4mTYJ78V9gyBn4czPfmP/SA8N:fajJhZ942KQV9hp44PfmP/SA8
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2