Extracted

• • Target

    Tax Payment Challan.exe

  • Size

    650KB

  • MD5

    f236ef2812755f787b852acd19655592

  • SHA1

    5a3678b093a0dddf8bdd47be635a7c4bba97725b

  • SHA256

    6cc89c4ee5308a2c40874f02f8f636bf77133c0b1bc59df8e806fda5e509424a

  • SHA512

    61e5f17cc2463b1c57385c4925a82b6fb5c7ea4898e29d45c20d3953ec7059dba466038881b70a2a0f29dee936107aced84939d695718d129a8b87dffa802174

  • SSDEEP

    12288:16UaeOpx41/ai46A9jmP/uhu/yMS08CkntxYRAAL:ALezaNfmP/UDMS08Ckn3K

  Score

  10^/10

  kutakikeyloggerstealer

  • Kutaki

    Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    stealerkeyloggerkutaki

  • Kutaki Executable

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2