kutaki | fffabbf5eb28e080d666156800c4d0a7ca5c986559fc5c3cc632155d12801fb4 | Triage

Sharing

General

Target

a1809e923de6cae635be84aa94afa7b7
Size

2.1MB
Sample

231108-c37scscc7z
MD5

a1809e923de6cae635be84aa94afa7b7
SHA1

5356d43b71caddec298f1c93625d72d57a95d9a5
SHA256

fffabbf5eb28e080d666156800c4d0a7ca5c986559fc5c3cc632155d12801fb4
SHA512

49534a75723741944adcb92db3f4b145cd306cb4c386b4884c47fbdd9ced6446706d73c9e691586077980514b9fd3c67a552b74b39d6ebb17709bb356256bb6c
SSDEEP

49152:Tz47kLqtm5DmVmEZseFnDuy3lf7mhmVC1OAXlEjwIUqoZ9m3/QG8Jz:TzZLHGZFKYl6MVYOAXlE8IFA9m3/QG8Z

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  INF_NEFT_Debit.bat
- Size
  
  2.3MB
- MD5
  
  15dd21aa387a33edb3cc7ab6caf90664
- SHA1
  
  5bc2c764c064f8c32217bff0938b1e79a0e486d6
- SHA256
  
  5963db9ee022b1331aa48c1c8c3b9b75bafb2f0297dced1928e88bdea3f790c8
- SHA512
  
  efc58f93bf628b98454fd22f6c2f540519829f752cd62b3d05f0695593a6ceca16f8261a8a61966518630f8a7110ba79d6240db0aeca4a445f27b7bbe18d8dd8
- SSDEEP
  
  49152:AWkWk5cS7a+9XYaQlZehc4mTYJ78V9gyBn4cSfmP/SA8N:A6ajJiZ942KQV9hp4xfmP/SA8
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2