kutaki | 41ec67a912e7de3898baf0f58013481661ce654144e9334aae2d3baf0f4fecce | Triage

Submit
Reports

Overview

overview

Static

static

mal.exe

windows7-x64

mal.exe

windows10-2004-x64

Sharing

General

Target

mal.exe
Size

465KB
Sample

221201-kyc17agb8y
MD5

c41cca4d15c20ffe8b9648ec9e9c7a95
SHA1

2d0ee06b8ad28ad4ee2fdea76eb87967ba98620a
SHA256

41ec67a912e7de3898baf0f58013481661ce654144e9334aae2d3baf0f4fecce
SHA512

bbedcf190672e5b24c11ba3482256fe85f5ac890125cf5a4bc457f0e5508336666686c57dd8c67ee4be6606327b4613dddf549eed8252fa81b22401dc49a62b5
SSDEEP

12288:N8ZCw3cuE046A9jmP/uhu/yMS08CkntxYRsL:N8ZCwXEnfmP/UDMS08Ckn37

Score

10^/10

kutaki keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

mal.exe

Resource

win7-20221111-en

kutaki keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

mal.exe

Resource

win10v2004-20220812-en

kutaki keylogger stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://newbosslink.xyz/baba/new4.php

Targets

- Target
  
  mal.exe
- Size
  
  465KB
- MD5
  
  c41cca4d15c20ffe8b9648ec9e9c7a95
- SHA1
  
  2d0ee06b8ad28ad4ee2fdea76eb87967ba98620a
- SHA256
  
  41ec67a912e7de3898baf0f58013481661ce654144e9334aae2d3baf0f4fecce
- SHA512
  
  bbedcf190672e5b24c11ba3482256fe85f5ac890125cf5a4bc457f0e5508336666686c57dd8c67ee4be6606327b4613dddf549eed8252fa81b22401dc49a62b5
- SSDEEP
  
  12288:N8ZCw3cuE046A9jmP/uhu/yMS08CkntxYRsL:N8ZCwXEnfmP/UDMS08Ckn37
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

kutakikeyloggerstealer

© 2018-2025

Terms | Privacy