kutaki | 0fd485cf586b6ec28f7b1e943712935ef4a333cbbeee29167ef086ccdd49cc79 | Triage

Submit
Reports

Overview

overview

Static

static

INCOME_TAX...an.exe

windows10-2004-x64

Sharing

General

Target

INCOME_TAX_Challan.zip
Size

1.0MB
Sample

230323-hz7k3seb68
MD5

5c51b0e7b13965ed021d9af8966f5635
SHA1

59321b813b67d0e94f7f6ff0f3cc4b11261c2b9b
SHA256

0fd485cf586b6ec28f7b1e943712935ef4a333cbbeee29167ef086ccdd49cc79
SHA512

d8f5b4beb59ede1ff3083ec00b111f77a0d54621a99a81bfde05dc78d7bfb715849926722cdeeac0a0507086f5b853c5340ee6450056a94bf5c750877a919930
SSDEEP

24576:NJV7Q46ZxHEUght0E8x/Bt6JGsp3Q1mv/UjMSY8CknN1:ND7x63naQ5wY6A1mv/Wc8NN1

Score

10^/10

kutaki keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

INCOME_TAX_Challan.exe

Resource

win10v2004-20230220-en

kutaki keylogger stealer

windows10-2004-x64

5 signatures

1800 seconds

Malware Config

Extracted

Family

kutaki

C2

http://waaatlink.xyz/hello/son.php

Targets

- Target
  
  INCOME_TAX_Challan.exe
- Size
  
  3.2MB
- MD5
  
  b1fadf19937c7d653286997afd35d84d
- SHA1
  
  577dc340ec3af92b5dc30ac50840a90b99ec6f50
- SHA256
  
  f9694c42f4212704e55550704a80cf62bf03051265585d83d667ac040a2c72b8
- SHA512
  
  d78b64e4844cb4d06e735ed574b9278d6b1021360b9154cd510e4427648eadb1732a31719821ecadabcaa772183645065a9c46aafad224107f3b5af6bee2bc63
- SSDEEP
  
  98304:vu4fwD6IO242Sn3Jgo63Sp7dZ3FJNZaZHKSn6sjn0MfmP/SA8t:1oPOVmmnSht
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Drops startup file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

kutakikeyloggerstealer

© 2018-2025

Terms | Privacy