General

  • Target

    Tax Payment Confirmation.exe

  • Size

    805KB

  • MD5

    ff22cbacd681684e683e3cc90b5eeb49

  • SHA1

    ff242e78602ea1c38bf81830932858188a682040

  • SHA256

    026fd16b5f3c3d9d23e9a9dbd29af68d89e6ed4d8cadc250e00d798fd489d74a

  • SHA512

    d012ee702f1566fd99658bc231ddb5152001c11f665351c6a269293f00a5d9d67ade90e3d342f30a4b709067c59e7d01c4eecf5d418f0ea638d1857f5f0c3b25

  • SSDEEP

    12288:cwU/v0YM3/BJzGG6bBiNH46A9jmP/uhu/yMS08CkntxYRjL:BK2BN6BiNYfmP/UDMS08Ckn3W

Score
10/10

Malware Config

Extracted

Family

kutaki

C2

http://linkwotowoto.club/new/two.php

Signatures

  • Kutaki Executable 1 IoCs
  • Kutaki family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Tax Payment Confirmation.exe
    .exe windows:4 windows x86 arch:x86

    c98838d35f14dddf2bc4be01dcd4e4a9

