kutaki

General

Target

https://ucb97db0771cc6db92965a2d607a.dl.dropboxusercontent.com/cd/0/get/CDQciDmPCyFi69LYz5ZBKaG_sy3MRbRP3zn0TgDfVH01UBlplye7eXHQu_lMfUMT_7csbTvVs2Yl18AZQ8CPirCbdaISl13atqhBvV3w7tBlH3-ppY3ZGOuxnsIZ9TAr7_Ie-AYWXlaI6AbcuSjJE8oV/file?dl=1#
Sample

230907-lzag5age4x

Score

10^/10

Malware Config

Extracted

Family

kutaki

C2

http://treysbeatend.com/laptop/squared.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  https://ucb97db0771cc6db92965a2d607a.dl.dropboxusercontent.com/cd/0/get/CDQciDmPCyFi69LYz5ZBKaG_sy3MRbRP3zn0TgDfVH01UBlplye7eXHQu_lMfUMT_7csbTvVs2Yl18AZQ8CPirCbdaISl13atqhBvV3w7tBlH3-ppY3ZGOuxnsIZ9TAr7_Ie-AYWXlaI6AbcuSjJE8oV/file?dl=1#
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Drops startup file
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3

T1012

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Drops startup file

Executes dropped EXE

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1