kutaki | 381ec80e02dba4fe1877e427522ea92a94b29b7f45bddd11c1f2ef9724dd6d2e | Triage

Submit
Reports

Overview

overview

Static

static

9693fd176c...c8.exe

windows7-x64

9693fd176c...c8.exe

windows10-2004-x64

7

Sharing

General

Target

9693fd176c8734b1928a56cb9771a0c8
Size

376KB
Sample

240212-h1g2tahc39
MD5

9693fd176c8734b1928a56cb9771a0c8
SHA1

35d2579e6a03c2e769b17f1aa8ce934f91fd5e13
SHA256

381ec80e02dba4fe1877e427522ea92a94b29b7f45bddd11c1f2ef9724dd6d2e
SHA512

cb68ab4fb44c52763294fbe010ae6383d1feafa0ea67c663c333f36b5ddac7374b2a787fe7f6b331893c40e94c060782a6d2a65acadb5771c05defe103a6a847
SSDEEP

6144:7IaXScY1S4GlA9jmHv/VCSY3hw9lMbk6u1QMS0y+lqiHTonWryFDYRF:H46A9jmP/uhu/yMS08CkntxYRF

Score

10^/10

kutaki keylogger stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

9693fd176c8734b1928a56cb9771a0c8.exe

Resource

win7-20231215-en

kutaki keylogger stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

9693fd176c8734b1928a56cb9771a0c8.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://sdaskmda.club/papa/love.php

http://terebinnahicc.club/sec/kool.txt

Targets

- Target
  
  9693fd176c8734b1928a56cb9771a0c8
- Size
  
  376KB
- MD5
  
  9693fd176c8734b1928a56cb9771a0c8
- SHA1
  
  35d2579e6a03c2e769b17f1aa8ce934f91fd5e13
- SHA256
  
  381ec80e02dba4fe1877e427522ea92a94b29b7f45bddd11c1f2ef9724dd6d2e
- SHA512
  
  cb68ab4fb44c52763294fbe010ae6383d1feafa0ea67c663c333f36b5ddac7374b2a787fe7f6b331893c40e94c060782a6d2a65acadb5771c05defe103a6a847
- SSDEEP
  
  6144:7IaXScY1S4GlA9jmHv/VCSY3hw9lMbk6u1QMS0y+lqiHTonWryFDYRF:H46A9jmP/uhu/yMS08CkntxYRF
Score

10^/10

kutaki keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

kutakikeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy