kutaki | 5c95e51e73f58a8d0fd768c1b3921e313fda809a21f8649fd7c8f842012a5381 | Triage

Sharing

General

Target

019b25421881e6c8e15b36a5c2a9e9fd_JaffaCakes118
Size

341KB
Sample

240426-zbq2vsbf55
MD5

019b25421881e6c8e15b36a5c2a9e9fd
SHA1

fd69adb4f1f9dde21564c020ea2feb0686bf91f1
SHA256

5c95e51e73f58a8d0fd768c1b3921e313fda809a21f8649fd7c8f842012a5381
SHA512

a4f8665bb97731af33c18b0ae970222fbbf24e727c48a1f81c89e69009cd5e82336cd6955323f9af067f695503693fcfab52cb2f94af58660034482eefa53dba
SSDEEP

6144:309BXtLL5H+dvQGR7aognYP4GNA91mH3/VC4Y3h69l6bkCuhQ+S0y+lq2HTonevj:309ZW4QP4QA91mX/6hM5W+S08Oknv7Yt

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://sdaskmda.club/papa/love.php

http://terebinnahi.club/sec/kool.txt

Targets

- Target
  
  PAYMENT FROM OUR SBI BANK.cmd
- Size
  
  536KB
- MD5
  
  d554b4c1aa278eeaf10def8ea5973cd6
- SHA1
  
  f1056fb198e27b567d46c3fe7b2d355c925988fd
- SHA256
  
  b2db0dad3f1acb31633bc8d135453b5141d75ce89212a303a9148a40f60eb917
- SHA512
  
  00d9d6a1ff4cfd43a3e11e4b81d47a559eef3e03011c24a160e614064cd42a2a87c9f7da586d0cc33d8ec3db025050468aea708865b80d7aaa0250dc81d6e62d
- SSDEEP
  
  12288:0uv+XyDHRqUaW46A9jmP/uhu/yMS08CkntxYRS:rv0wHROfmP/UDMS08Ckn3P
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2