kutaki | 600ed7173b9c1cc4a9d5c058d7079d742854b5a2a010403ca4e36aa5e8b457d8 | Triage

Submit
Reports

Overview

overview

Static

static

Tax_Paymen...pt.exe

windows7-x64

Tax_Paymen...pt.exe

windows10-2004-x64

1

Sharing

General

Target

Tax_Payment_Receipt.exe
Size

1.0MB
Sample

230207-ww48fagd2v
MD5

48b4adffdbe0a5e704653fd7a6cf5a3e
SHA1

ab735248496ead4be59f20eedc4e983b2edb8912
SHA256

600ed7173b9c1cc4a9d5c058d7079d742854b5a2a010403ca4e36aa5e8b457d8
SHA512

1aeb8ffa266e6bba51793c7ed5c5c7f68bfa7ac647c1f5d1a1decb03802cb1d675d23c19491d9e759bc7a0decfc081ed07bdf43f85894357a41da6f7c7a91ff8
SSDEEP

24576:AvPS/SnugUM+4Zt5lWfmP/UDMS08Ckn3Y0:AvPEwug1cfmP/SA8No0

Score

10^/10

kutaki keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Tax_Payment_Receipt.exe

Resource

win7-20221111-en

kutaki keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Tax_Payment_Receipt.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://newloshree.xyz/work/son.php

Targets

- Target
  
  Tax_Payment_Receipt.exe
- Size
  
  1.0MB
- MD5
  
  48b4adffdbe0a5e704653fd7a6cf5a3e
- SHA1
  
  ab735248496ead4be59f20eedc4e983b2edb8912
- SHA256
  
  600ed7173b9c1cc4a9d5c058d7079d742854b5a2a010403ca4e36aa5e8b457d8
- SHA512
  
  1aeb8ffa266e6bba51793c7ed5c5c7f68bfa7ac647c1f5d1a1decb03802cb1d675d23c19491d9e759bc7a0decfc081ed07bdf43f85894357a41da6f7c7a91ff8
- SSDEEP
  
  24576:AvPS/SnugUM+4Zt5lWfmP/UDMS08Ckn3Y0:AvPEwug1cfmP/SA8No0
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

© 2018-2025

Terms | Privacy