Extracted

• • Target

    4.exe

  • Size

    536KB

  • MD5

    2a189ba5e989daca58342a7dd038b142

  • SHA1

    abbaecc7acad08d1163a452cb56aa1d71c3582f8

  • SHA256

    5587ae6cef689c180254ba9d455eb62c171c4bbb20f82af7450ea2eeff4eac1e

  • SHA512

    f22d03a70d3177096acb5f62f9f6949df2478cb7d2dea40fc2057b6f8ebf8bc28320f23e1c9a4edd92753baa989cea7d19482582a6d5878d3e9815c0ab800baa

  • SSDEEP

    6144:NT1htGytvUf4yclQgx7+8DfpedxbKT3F9opcVyUW4Es+CS/wUcvzUjSa5pK2mKd4:7P+8DpFTvodUB4/8vYjDpK8atfx8hDu

  Score

  10^/10

  kutakikeyloggerstealer

  • Kutaki

    Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    stealerkeyloggerkutaki

  • Kutaki Executable

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Loads dropped DLL

  behavioral1behavioral2