kutaki | b47dc07388cf0646f0cc080abaebd9e357b188f2f4b8d6de0c7a3e67b989a718 | Triage

Submit
Reports

Overview

overview

Static

static

Income_Tax...pt.exe

windows7-x64

Income_Tax...pt.exe

windows10-2004-x64

Sharing

General

Target

Income_Tax_Receipt.zip
Size

488KB
Sample

220909-rqdq3sgda5
MD5

6fd414d974b96063ba79b7db323beb7b
SHA1

a2939c89acb646a68389464f7abe8a50fc85929a
SHA256

b47dc07388cf0646f0cc080abaebd9e357b188f2f4b8d6de0c7a3e67b989a718
SHA512

4629731160b8415eab20f3315584866550b026b0b30a8cd8bc93d104e5ef06e8ca1c98f6a17f429c8ded7d60d53e54e5a85403843d490b639bbfcd0582af11a8
SSDEEP

12288:nzYHnreANRXD10DSAhO746A9jmd/uhSDyM408CknhFYR4:kZD10Dhfmd/UBM408CknLH

Score

10^/10

kutaki keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Income_Tax_Receipt.exe

Resource

win7-20220901-en

kutaki keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Income_Tax_Receipt.exe

Resource

win10v2004-20220812-en

kutaki keylogger stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://newloshree.xyz/work/son.php

Targets

- Target
  
  Income_Tax_Receipt.exe
- Size
  
  656KB
- MD5
  
  d039b5c37d260eda505b03f97b963b3a
- SHA1
  
  f7d4b2a09d147cc05d63f8ae20f6e72ad0912bbb
- SHA256
  
  8f541e14c1eae40515b2abc8bb11aa584cd754f668eec02f6a2bf7974d686357
- SHA512
  
  935c665290617855d4a60ba6b2a458a4d3cc086893df8549101fd04f704d00b57c4460981c20fb6a701ae73a776dddf7f2823d0a466590bbcb68298e1500e9d7
- SSDEEP
  
  12288:j7k+QuuMas9dpZHV10DSpbgJ2y+OC1HwJ5tChW4kZdnNrv750F46A9jmP/uhu/y8:vQkxZHV10DFikZdnNxfmP/UDMS08Ckn0
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

kutakikeyloggerstealer

© 2018-2025

Terms | Privacy