Overview

overview

10

Static

static

10

Tax Paymen...pt.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Tax Payment Receipt.zip

  • Size

    434KB

  • Sample

    240410-gmlmeaaa3v

  • MD5

    9f4e9e87cc9eaf70e854c1e536b455b5

  • SHA1

    23d47f1fce8059aa934f001ac75d0bc305b95c48

  • SHA256

    39a0e00b451da223a68e93feba38ebf9ab22c5b53d8c683020a431e75aee2b24

  • SHA512

    52fb26589148bc44ff6c6daad0cf1e03095d15ea19b93432b0f5af1beef6d9389e6114a02047f49fb512feb726d5d1d238da526c55cd3e497c9f573fdcd114ae

  • SSDEEP

    12288:F1O+cV5qy07nR2Lnk4cA9jWv/mhurmMS+8qkn9tUWLQ:nCVl01EJWv/M1MS+8qknrUWLQ

Score
10/10
kutaki

Malware Config

Extracted

Family

kutaki

C2

http://linkwotowoto.club/new/two.php

Targets

    • Target

      Tax Payment Receipt.exe

    • Size

      877KB

    • MD5

      cac42f0744e58164039fbc2ef62da404

    • SHA1

      85e2ffe52fb62712a110cf8d9d2d6fa6269306b6

    • SHA256

      7757fb2455891d1cbcf89ca3cdf291bacaee9c3f1835826a4831c49fbd8249f1

    • SHA512

      64cd76c4d78b2e0dd1c2e5a96fc71426c06b3584e4ff61e0aed3f7de88c9e573f96b9c3aaf2f27fce3514093adbd8a0f1f3d8479438b0fd8bb1fb064365a6e85

    • SSDEEP

      12288:5xP/62UAecZ/n6Z5P3Z8sO46A9jmP/uhu/yMS08CkntxYRkL:v6vAZZ/6bisZfmP/UDMS08Ckn37

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks