kutaki | 037a3742bb8812078421e1b8e822d1e358cb3fccaa3d3fc2cd67d99d303e958f | Triage

Submit
Reports

Overview

overview

Static

static

IncomeTaxP...an.exe

windows7-x64

IncomeTaxP...an.exe

windows10-2004-x64

Sharing

General

Target

IncomeTaxPaymentChallan.exe
Size

737KB
Sample

221104-qjx1psfea4
MD5

97f31e6d14a85c59b121126c5732d4d7
SHA1

2e04c17a218c45552e3127fadb7eab45e138e83a
SHA256

037a3742bb8812078421e1b8e822d1e358cb3fccaa3d3fc2cd67d99d303e958f
SHA512

a7bf2db806a27dffc82346ca03c503f567216692698f840cc16ba544d7c3c7edf590b2941c2a3c0b38424e48479de40859d2c60b7269e5764f25c277d49544cf
SSDEEP

12288:/4y86ukvYbVYb3YM5YdTT6WYuazYB46A9jmP/uhu/yMS08CkntxYR3VOL:/Xdvb3YM5Nzy6fmP/UDMS08Ckn3H

Score

10^/10

kutaki keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

IncomeTaxPaymentChallan.exe

Resource

win7-20220812-en

kutaki keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

IncomeTaxPaymentChallan.exe

Resource

win10v2004-20220901-en

kutaki keylogger stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  IncomeTaxPaymentChallan.exe
- Size
  
  737KB
- MD5
  
  97f31e6d14a85c59b121126c5732d4d7
- SHA1
  
  2e04c17a218c45552e3127fadb7eab45e138e83a
- SHA256
  
  037a3742bb8812078421e1b8e822d1e358cb3fccaa3d3fc2cd67d99d303e958f
- SHA512
  
  a7bf2db806a27dffc82346ca03c503f567216692698f840cc16ba544d7c3c7edf590b2941c2a3c0b38424e48479de40859d2c60b7269e5764f25c277d49544cf
- SSDEEP
  
  12288:/4y86ukvYbVYb3YM5YdTT6WYuazYB46A9jmP/uhu/yMS08CkntxYR3VOL:/Xdvb3YM5Nzy6fmP/UDMS08Ckn3H
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

kutakikeyloggerstealer

© 2018-2025

Terms | Privacy