kutaki | 9b3c2853944f7dc6985774f53efcdf30b357f3dce5abd8d6b0f924b033d25911 | Triage

Submit
Reports

Overview

overview

Static

static

3.exe

windows7-x64

3.exe

windows10-2004-x64

Sharing

General

Target

3.exe
Size

541KB
Sample

230105-lthasafa8s
MD5

86f76a5b4137c86d3eed43cfac187f7e
SHA1

a7a8e3c6cd76b6c4a05f6747c75cdd4587c09725
SHA256

9b3c2853944f7dc6985774f53efcdf30b357f3dce5abd8d6b0f924b033d25911
SHA512

9d36390d5b016ed9a27678dc170c6ab95fe5fa0a4b91ac9abd89b99593fa7259efd6f6a5f86943c1b0bb00357e2404688d3cd6df4490cfe592d2b2401c4c25f3
SSDEEP

12288:+2D18PzBRRHsj1SFKihy46A9jmP/uhu/yMS08CkntxYRRL:ypMj1SHfmP/UDMS08Ckn3I

Score

10^/10

kutaki keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3.exe

Resource

win7-20221111-en

kutaki keylogger stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

3.exe

Resource

win10v2004-20220901-en

kutaki keylogger stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://newbosslink.xyz/baba/new4.php

Targets

- Target
  
  3.exe
- Size
  
  541KB
- MD5
  
  86f76a5b4137c86d3eed43cfac187f7e
- SHA1
  
  a7a8e3c6cd76b6c4a05f6747c75cdd4587c09725
- SHA256
  
  9b3c2853944f7dc6985774f53efcdf30b357f3dce5abd8d6b0f924b033d25911
- SHA512
  
  9d36390d5b016ed9a27678dc170c6ab95fe5fa0a4b91ac9abd89b99593fa7259efd6f6a5f86943c1b0bb00357e2404688d3cd6df4490cfe592d2b2401c4c25f3
- SSDEEP
  
  12288:+2D18PzBRRHsj1SFKihy46A9jmP/uhu/yMS08CkntxYRRL:ypMj1SHfmP/UDMS08Ckn3I
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

kutakikeyloggerstealer

© 2018-2025

Terms | Privacy