Overview

overview

10

Static

static

10

7177cf9f39...1).zip

windows7-x64

1

7177cf9f39...1).zip

windows10-2004-x64

1

7177cf9f39...29.exe

windows7-x64

10

7177cf9f39...29.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7177cf9f393364d37caa1cf3d970bd5381333fb655ec3f83becdb8c4861ed429 (1).zip

  • Size

    423KB

  • Sample

    231011-mzk5ashf7s

  • MD5

    8b86c917ba830a8b4b079dac766f8215

  • SHA1

    da98299aaff7a8de1bd66aefab7c458ff7279128

  • SHA256

    ad4105a0782f6efc19aa2b31dd763f9059baf00a517ea3b8a8d0636363faf000

  • SHA512

    4be015749384ba1ab89f03ef985fb44a178154ffdac8a9a87d32091ad47ccc0a915c61ac2371d9b4c95cb1b68a660e4e37b83a5cded2a2df65e5a6ea7930e2e4

  • SSDEEP

    12288:M9BVx8pDVSYIxrH3FBaZSXISieH4TnC5jQJEy8:sVQMYItXPaZKPHwI2Ey8

Score
10/10
kutakikeyloggerstealer

Malware Config

Extracted

Family

kutaki

C2

http://newloshree.xyz/work/son.php

Targets

    • Target

      7177cf9f393364d37caa1cf3d970bd5381333fb655ec3f83becdb8c4861ed429 (1).zip

    • Size

      423KB

    • MD5

      8b86c917ba830a8b4b079dac766f8215

    • SHA1

      da98299aaff7a8de1bd66aefab7c458ff7279128

    • SHA256

      ad4105a0782f6efc19aa2b31dd763f9059baf00a517ea3b8a8d0636363faf000

    • SHA512

      4be015749384ba1ab89f03ef985fb44a178154ffdac8a9a87d32091ad47ccc0a915c61ac2371d9b4c95cb1b68a660e4e37b83a5cded2a2df65e5a6ea7930e2e4

    • SSDEEP

      12288:M9BVx8pDVSYIxrH3FBaZSXISieH4TnC5jQJEy8:sVQMYItXPaZKPHwI2Ey8

    Score
    1/10
    behavioral1behavioral2

    • Target

      7177cf9f393364d37caa1cf3d970bd5381333fb655ec3f83becdb8c4861ed429.exe

    • Size

      812KB

    • MD5

      cbcc3c668fdc2ee5f01487855bb38a03

    • SHA1

      426f69456a1923749cc85e1f9b4cce43ea1050bb

    • SHA256

      7177cf9f393364d37caa1cf3d970bd5381333fb655ec3f83becdb8c4861ed429

    • SHA512

      302478083f792fcb779749c993d18d88e33aa855de8641dc4b02d7a29cff2074ccdcc931efeb6eeb46dbf8f5cddec2bdbf4814f73c2dc4daba99fd6775ca138e

    • SSDEEP

      12288:Iw/h2mDPAtjj4cv6aiUoIxbUV46A9jmP/uhu/yMS08CkntxYRq:7Pmjj4c5fmP/UDMS08Ckn3j

    Score
    10/10
    kutakikeyloggerstealer

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

      stealerkeyloggerkutaki

    • Kutaki Executable

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks