kutaki | 505a208666ea25c3a9dad0898c6fd52debdbdb7893f41c3f0898d96b13745be7 | Triage

Submit
Reports

Overview

overview

Static

static

1

jti.htm

windows7-x64

jti.htm

windows10-2004-x64

1

Sharing

General

Target

jti.htm
Size

178B
Sample

230617-wcpcwace63
MD5

ac177a6112a773d9272aa38384fb9a9b
SHA1

3d4e24049a3d93ca546ef482c60db7e529cedf18
SHA256

505a208666ea25c3a9dad0898c6fd52debdbdb7893f41c3f0898d96b13745be7
SHA512

a14945e65d0e76fe8d37173df9ac794bd09b760e854a6f0ec839e50e9d5783124b418b7d8088fbd6fb822c7214453e7e4f4a745c66ba6c4514b855034fbeac2e

Score

10^/10

kutaki keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

jti.htm

Resource

win7-20230220-en

kutaki keylogger stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

jti.htm

Resource

win10v2004-20230221-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://linkwotowoto.club/new/two.php

Targets

- Target
  
  jti.htm
- Size
  
  178B
- MD5
  
  ac177a6112a773d9272aa38384fb9a9b
- SHA1
  
  3d4e24049a3d93ca546ef482c60db7e529cedf18
- SHA256
  
  505a208666ea25c3a9dad0898c6fd52debdbdb7893f41c3f0898d96b13745be7
- SHA512
  
  a14945e65d0e76fe8d37173df9ac794bd09b760e854a6f0ec839e50e9d5783124b418b7d8088fbd6fb822c7214453e7e4f4a745c66ba6c4514b855034fbeac2e
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy