Overview

overview

10

Static

static

10

Receipt.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Receipt.exe

  • Size

    765KB

  • Sample

    250409-sddqzsvjt2

  • MD5

    e2dfee8df8311299ec4805ef1b084f49

  • SHA1

    6e84ecf4be3aaab02fe4e5de8fa7c512d17d6cda

  • SHA256

    69e51ff6376359583cb16f9c90a2be5a26de5a0c5e398c5b670fec24223500a3

  • SHA512

    c0cb22513886487a00adee419d4ed2b435a52aae26959e34905d7e83d0318acf18597fba663110be4b22c1a377746f5603075c154fb77c4342a2fb78f971b04a

  • SSDEEP

    12288:Qkb2oWZCaxfeb9uWwLV46A9jmP/uhu/yMS08CkntxYRmBL:sCa1QuWwLufmP/UDMS08Ckn3r

Score
10/10
kutakidiscovery

Malware Config

Extracted

Family

kutaki

C2

http://newlinkwotolove.club/love/three.php

Targets

    • Target

      Receipt.exe

    • Size

      765KB

    • MD5

      e2dfee8df8311299ec4805ef1b084f49

    • SHA1

      6e84ecf4be3aaab02fe4e5de8fa7c512d17d6cda

    • SHA256

      69e51ff6376359583cb16f9c90a2be5a26de5a0c5e398c5b670fec24223500a3

    • SHA512

      c0cb22513886487a00adee419d4ed2b435a52aae26959e34905d7e83d0318acf18597fba663110be4b22c1a377746f5603075c154fb77c4342a2fb78f971b04a

    • SSDEEP

      12288:Qkb2oWZCaxfeb9uWwLV46A9jmP/uhu/yMS08CkntxYRmBL:sCa1QuWwLufmP/UDMS08Ckn3r

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks