kutaki | dae33aa264ac0ed7023617da8ee3af75d4486ca8a8a33de7679e48613692f2b2 | Triage

Submit
Reports

Overview

overview

Static

static

Payment Receipt.exe

windows7_x64

Payment Receipt.exe

windows10-2004_x64

Sharing

General

Target

dae33aa264ac0ed7023617da8ee3af75d4486ca8a8a33de7679e48613692f2b2
Size

338KB
Sample

220208-dah4zacda7
MD5

aa1f94f34f9b6f940754d4cdaa9dda24
SHA1

cebe2fa26875a4723177c18bd6a9c3805cf04545
SHA256

dae33aa264ac0ed7023617da8ee3af75d4486ca8a8a33de7679e48613692f2b2
SHA512

6f5804a453b1174aca2c48788ad63fd84ed95a8cfcfd0ef9c36f29611521e5f5bcafe65145486ba340584b1931a579e5c087062199091ecbc73d5488d916527d

Score

10^/10

kutaki keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Payment Receipt.exe

Resource

win7-en-20211208

kutaki keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment Receipt.exe

Resource

win10v2004-en-20220112

kutaki keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Payment Receipt.exe
- Size
  
  532KB
- MD5
  
  70d06e14dfaa50cfbf369823178d2887
- SHA1
  
  0eefda0ded48f32522d9157577953c7ab73a02bb
- SHA256
  
  cb23f5a566bfa91b51d3ecd344e3f6025023463532fa4d5edf5d0785814529d7
- SHA512
  
  ab903159a23b96b01489a6fff11936fdf656e4932218913b19f57a975a0a13274b4c4149b13b5b1a096b821279f05e09d4e8a18d2f5db44a7b0d70b84527d197
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

kutakikeyloggerstealer

© 2018-2025

Terms | Privacy