Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Tax Paymen...an.exe

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Tax Payment Challan.exe

  • Size

    504KB

  • Sample

    220906-n15qrshfap

  • MD5

    705d8000b54163c1dd91960beb5c89b0

  • SHA1

    5dc9cb229d61bf68627376603aa569f025b651bf

  • SHA256

    efc7ec481193132dd58b741c3ccf3451c950ac3a446bd966e9a4d266439b9451

  • SHA512

    a2fee29eca137a6e870ef2860c2dc5571913ef8f77179c083baf7cd26b51f129c030ecd43b2d3889871ebf6d10b3ebdbf53196470f1b3fdf9c65a0175f9a4b70

  • SSDEEP

    12288:2urv+oNBBIqJKcGB4/8vYjDpK8atfx8hDu:brv+oNBBf/8vYjEPx8hC

Score
10/10
kutakikeyloggerstealer

Malware Config

Extracted

Family

kutaki

C2

http://newbosslink.xyz/baba/new4.php

Targets

    • Target

      Tax Payment Challan.exe

    • Size

      504KB

    • MD5

      705d8000b54163c1dd91960beb5c89b0

    • SHA1

      5dc9cb229d61bf68627376603aa569f025b651bf

    • SHA256

      efc7ec481193132dd58b741c3ccf3451c950ac3a446bd966e9a4d266439b9451

    • SHA512

      a2fee29eca137a6e870ef2860c2dc5571913ef8f77179c083baf7cd26b51f129c030ecd43b2d3889871ebf6d10b3ebdbf53196470f1b3fdf9c65a0175f9a4b70

    • SSDEEP

      12288:2urv+oNBBIqJKcGB4/8vYjDpK8atfx8hDu:brv+oNBBf/8vYjEPx8hC

    Score
    10/10
    kutakikeyloggerstealer

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

      stealerkeyloggerkutaki

    • Kutaki Executable

    • Executes dropped EXE

    • Drops startup file

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks