kutaki | 5c95e51e73f58a8d0fd768c1b3921e313fda809a21f8649fd7c8f842012a5381 | Triage

Sharing

General

Target

019b25421881e6c8e15b36a5c2a9e9fd_JaffaCakes118
Size

341KB
Sample

240426-zbq2vsbf55
MD5

019b25421881e6c8e15b36a5c2a9e9fd
SHA1

fd69adb4f1f9dde21564c020ea2feb0686bf91f1
SHA256

5c95e51e73f58a8d0fd768c1b3921e313fda809a21f8649fd7c8f842012a5381
SHA512

a4f8665bb97731af33c18b0ae970222fbbf24e727c48a1f81c89e69009cd5e82336cd6955323f9af067f695503693fcfab52cb2f94af58660034482eefa53dba
SSDEEP

6144:309BXtLL5H+dvQGR7aognYP4GNA91mH3/VC4Y3h69l6bkCuhQ+S0y+lq2HTonevj:309ZW4QP4QA91mX/6hM5W+S08Oknv7Yt

Score

10^/10

kutaki

Malware Config

Extracted

Family

kutaki

C2

http://sdaskmda.club/papa/love.php

http://terebinnahi.club/sec/kool.txt

Targets

- Target
  
  PAYMENT FROM OUR SBI BANK.cmd
- Size
  
  536KB
- MD5
  
  d554b4c1aa278eeaf10def8ea5973cd6
- SHA1
  
  f1056fb198e27b567d46c3fe7b2d355c925988fd
- SHA256
  
  b2db0dad3f1acb31633bc8d135453b5141d75ce89212a303a9148a40f60eb917
- SHA512
  
  00d9d6a1ff4cfd43a3e11e4b81d47a559eef3e03011c24a160e614064cd42a2a87c9f7da586d0cc33d8ec3db025050468aea708865b80d7aaa0250dc81d6e62d
- SSDEEP
  
  12288:0uv+XyDHRqUaW46A9jmP/uhu/yMS08CkntxYRS:rv0wHROfmP/UDMS08Ckn3P
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2