General

  • Target

    42c326b155960ea90143b31d14c48bf081d6dc6bb74ce383cace3cdfe844a403.exe

  • Size

    557KB

  • Sample

    221121-v6911aef6z

  • MD5

    8aa46a680dee1077ddc3c3532f257f1c

  • SHA1

    a0dd12b6d29540516de63419f7c9968e94c1adba

  • SHA256

    42c326b155960ea90143b31d14c48bf081d6dc6bb74ce383cace3cdfe844a403

  • SHA512

    5a4d528e7c7783aaaae84409190cdca68a2914edb040332aa65f8662288cd4e8aba1d5afde766f415717b90123c258e0aaf1cad6bc2b8af5994c6be404a8d223

  • SSDEEP

    12288:TF5lcY4VALRvG46A9jmP/uhu/yMS08CkntxYRtL:xcOXfmP/UDMS08Ckn30

Malware Config

Extracted

Family

kutaki

C2

http://newbosslink.xyz/baba/new4.php

Targets

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Drops startup file

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks