kutaki | 54d1075986147686beb5c24b34607afbfa435f626ba1eaca77289b4439dc2d80 | Triage

Sharing

General

Target

Payment_Confirmation.zipx
Size

339KB
Sample

240802-jy491axgpg
MD5

7d78e20be5f51e0dc6dc8c544ae1f2d7
SHA1

8c1fb8cd1e7f4d168bceea6de89dfb95a1711438
SHA256

54d1075986147686beb5c24b34607afbfa435f626ba1eaca77289b4439dc2d80
SHA512

19bb52358a50060fccdec8897f21e97c58f1ebd3fc688df3a8db5b5a4488a49d4544914b4295d3a81a44d89575b7f3badc6d2e81b8b54cb710f2bf9234e7f507
SSDEEP

6144:vUPAXOeD6N6OCg1R4G9A9j63x/VCSa3hwHlQ/kwupQLS8y+lqiJToninYtEPla:v/tyd4cA9j6B/shK/uLS88Kkn/Cg

Score

10^/10

kutaki discovery

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  Payment_Confirmation.cmd
- Size
  
  512KB
- MD5
  
  100408c26c4d52d6b0e3f8d943972bd9
- SHA1
  
  064aad1117e6b347763cfb9399387ccf5677d9de
- SHA256
  
  d900c478a67d9ad11c0f5c6174d9d0326e71f2e91a14c0305f51ac8eb443ea9e
- SHA512
  
  eecc2b06dcbf9a108c1c47c0c9c9d509479210bb654c304043f8bbb9ccd78fea9282b499405a261f7eb8890cf64d8e09cb2e45c035976a093ffcbf96ca7c6f69
- SSDEEP
  
  12288:avWERGGQ1spq1JuXCt46A9jmP/uhu/yMS08CkntxYR:pEoGQ1spq1TmfmP/UDMS08Ckn3
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2