Overview

overview

10

Static

static

10

HDFC_RTGS.exe

windows7-x64

10

HDFC_RTGS.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    529324b39de6f6a2a6095479f4dc4fe1856809b2eb60924ea3ab9592bf655a1e

  • Size

    1.5MB

  • Sample

    231027-lssecsfb79

  • MD5

    cc38979b9c8c579fb5815af70c2452c9

  • SHA1

    7ead666da9ae0a5f7fbfb8bbeade8ed80f79edb8

  • SHA256

    529324b39de6f6a2a6095479f4dc4fe1856809b2eb60924ea3ab9592bf655a1e

  • SHA512

    52be1d7d046f60ae0f5c59f9aba9a50bf121e50a8cdd00fb4bcfc64ff3e957373cc1d842912addcd85a0561b71570a549399746c046116c9c0556bd7438ea698

  • SSDEEP

    24576:jPu2gz7ALuxDUdo3Z+UpZ1XRpdQNVc9z7n731+btMpmf/mpUS0gCkrFX:jPu2gzF4dooUrpdq+8Mpmf/Q4gNJ

Score
10/10
kutakikeyloggerstealer

Malware Config

Extracted

Family

kutaki

C2

http://ojorobia.club/laptop/laptop.php

http://terebinnahicc.club/sec/kool.txt

Targets

    • Target

      HDFC_RTGS.exe

    • Size

      1.5MB

    • MD5

      30adcb75b8ce11e32915d329f4292854

    • SHA1

      cda01ae84ef0b9688f8911de661f1adec108a73b

    • SHA256

      8de3fb617df36b4e33432d30ea4fc626c968421d594b0b5102f8d9b1fbb8fbdf

    • SHA512

      d7d21d2a64719ac10e8818b2b775caa83a56e11e198cc60b28036a5631d7121b8d2dc777893d862a47caccee006ccb014e2f810229cf1b36d6492da9e2b031ef

    • SSDEEP

      24576:XMjlxu1t+S0kLaSW/u/a+DzovnwNnxV/gb7e2AsvwbR281z+zfmP/UDMS08Ckn30:ulAR0kL1t8nO/CAsn81z+zfmP/SA8NE

    Score
    10/10
    kutakikeyloggerstealer

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

      stealerkeyloggerkutaki

    • Kutaki Executable

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks