Extracted

• • Target

    Tax Payment Challan.exe

  • Size

    608KB

  • MD5

    8f3efc2d3a22ed24821833bc665b7a13

  • SHA1

    e9ccdcf94190d17a358acc596f16c8ebec815f47

  • SHA256

    4809718782a72e36b129dd972948e075d160afa5450cec73ad884195fb119dcc

  • SHA512

    02b90a316d9b62a17bce2fd72f686bc8abdaadf962cd70ed9e2dbbcb3d0352c7050f9c909f195b915f6ec7b70667848f702054a2dda2a805b23da89b65f07e1b

  • SSDEEP

    12288:sRvfTemPckUgIhUMgW0cB4/8vYjDpK8atfx8hDu:nNgIhUZ/8vYjEPx8hC

  Score

  10^/10

  kutakikeyloggerstealer

  • Kutaki

    Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    stealerkeyloggerkutaki

  • Kutaki Executable

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Loads dropped DLL

  behavioral1behavioral2