kutaki | fffabbf5eb28e080d666156800c4d0a7ca5c986559fc5c3cc632155d12801fb4 | Triage

Sharing

General

Target

a1809e923de6cae635be84aa94afa7b7
Size

2.1MB
Sample

231108-c37scscc7z
MD5

a1809e923de6cae635be84aa94afa7b7
SHA1

5356d43b71caddec298f1c93625d72d57a95d9a5
SHA256

fffabbf5eb28e080d666156800c4d0a7ca5c986559fc5c3cc632155d12801fb4
SHA512

49534a75723741944adcb92db3f4b145cd306cb4c386b4884c47fbdd9ced6446706d73c9e691586077980514b9fd3c67a552b74b39d6ebb17709bb356256bb6c
SSDEEP

49152:Tz47kLqtm5DmVmEZseFnDuy3lf7mhmVC1OAXlEjwIUqoZ9m3/QG8Jz:TzZLHGZFKYl6MVYOAXlE8IFA9m3/QG8Z

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  INF_NEFT_Debit.bat
- Size
  
  2.3MB
- MD5
  
  15dd21aa387a33edb3cc7ab6caf90664
- SHA1
  
  5bc2c764c064f8c32217bff0938b1e79a0e486d6
- SHA256
  
  5963db9ee022b1331aa48c1c8c3b9b75bafb2f0297dced1928e88bdea3f790c8
- SHA512
  
  efc58f93bf628b98454fd22f6c2f540519829f752cd62b3d05f0695593a6ceca16f8261a8a61966518630f8a7110ba79d6240db0aeca4a445f27b7bbe18d8dd8
- SSDEEP
  
  49152:AWkWk5cS7a+9XYaQlZehc4mTYJ78V9gyBn4cSfmP/SA8N:A6ajJiZ942KQV9hp4xfmP/SA8
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2