kutaki | 22d7b182b1714e4d4c20a0932f9f3164f1ddc48fa93f3678157222421a32f83f | Triage

Submit
Reports

Overview

overview

Static

static

ITR-V REFUND.exe

windows10-2004-x64

3

Sharing

General

Target

ITR-V REFUND.zipx
Size

2.1MB
Sample

240108-lwchbagce9
MD5

420ad41d4436eada483ea65d868f2d4b
SHA1

7f5b325f964085a538e33d75e034c7901d6255f7
SHA256

22d7b182b1714e4d4c20a0932f9f3164f1ddc48fa93f3678157222421a32f83f
SHA512

624dac7aaddc31e47a64f4de11f66cf9cbcff2eaf13a1d4d8ab58e1d2952d3fb334265a36c551624e9e85abc2a6e42aa236bd2933b3ea11af7ba48852d09720c
SSDEEP

49152:ccKXqKBgxhgi0Ap6TUybQHD8f9gK1MM4GyOT2HLPZ5cRcPsfm//R68Nt:0aKBgxypAqkHD8OKSM4/Trchfm//R68f

Score

10^/10

kutaki

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ITR-V REFUND.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

10 signatures

1800 seconds

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  ITR-V REFUND.bat
- Size
  
  2.4MB
- MD5
  
  38a6b50a1bde06601d6bc6f9abdc749b
- SHA1
  
  758b7f8cb589d3478da45e1fed970ccc0f8412e8
- SHA256
  
  612ced33c9ed75050dacc0fde4e6e20b6b39ed405fdd71377875484d70723ade
- SHA512
  
  f8abdc0c2106e1fe825e1a9435f9742492d6ca322fbdb43413d6bfbf54a32c7748a0c174e9cc4c52d8d1e20de05d91b8b8734a9fd91bd3169db71d6a035a7971
- SSDEEP
  
  49152:oCNkWk5cS7a+9XYaQ2Zehc4mTYJ78V9gyBn4ch6fmP/SA8N:NajJlZ942KQV9hp4pfmP/SA8
Score

3^/10
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy