General

  • Target

    afe77e1a5fb69a38c6e56533128372e1

  • Size

    1.1MB

  • Sample

    220616-lv5sgagdg2

  • MD5

    afe77e1a5fb69a38c6e56533128372e1

  • SHA1

    1ce8d4deec361eeab9654d4066a252e273af40ef

  • SHA256

    5c5ae8fed2bfe5d64f1ae5487238c1681e050ea526d458cdb81a38530bbe2350

  • SHA512

    414bf8e54543fa77b1f2c642efb3e9100d05c3423db5d3a0722673a29cc51ba252f8de074ad8836adc47b228b51e4b6b8b75aae27963402b85b9f27f8e76ab0e

Targets

    • Target

      Tax Payment Challan.exe

    • Size

      3.7MB

    • MD5

      5f25cb32cb11c4e4983d85bf95aee8f1

    • SHA1

      cd7ec29d9a162ac4ffd453c2beafae52767a3739

    • SHA256

      99229a496b7b21bc5385bf85b68358418a5e3554740fa8ed14d355c5bc25997d

    • SHA512

      bd528327be04e93c074175cf415fdb75811d951eaf4fb752c1bc56cd843292ae8c10357a6b66745179d5007ad31867e83aeaa82b61f6165090e368a0c9332987

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL
