General

  • Target: SAMPLE_FILES_20240318-093859.ZIP
  • Size: 364KB
  • Sample: 240318-bj8d4scg32
  • MD5: e21e096ef13b5269858350be52444cf6
  • SHA1: 247561fcbd950ef2736679eacd2bf62a390de242
  • SHA256: b011f563c0b25f73466fc615af1a11573670a09949763d15a19dff56891b0717
  • SHA512: fea2e75e8ae52196d5c4b87a9dda2451553891c70429e6a4846b006f89b73130e19b0b0fe667e80fb3b308058b74e6d52ed2dddeac1e3102e2fd0d50dbb6b84a
  • SSDEEP: 6144:m29dJg59juoFg3zaWC7Are4glA9nm3v/VuSY39w9labkOuhQAS0y+lMiHTonWLyF:mGtoyDaWC7Are4oA9nmf/O9uNWAS0iCU

Malware Config

Extracted

  • Family: kutaki
  • C2: http://linkwotowoto.club/new/two.php

Targets

    • Target: EC240316AAAAK-000001_Tax Payment Challan.exexx
    • Size: 637KB
    • MD5: bbf998f39ff78309effce75ce3ed0020
    • SHA1: 0050caf84cfc083ea0af0cb8cee13955b7e13d2b
    • SHA256: 4eb1e5e57cada95932e85d71062c1d3f95ca3b7a3764c26e95bc90171d21d543
    • SHA512: f90c300691fdc6a83f2a5ef986562df0fe06982f7dfa7886ff09096e15cc32a7a842bb20e4493b6afab68a5978a3cfef7b84bca6d17d33bfc0540414615aad99
    • SSDEEP: 12288:hRxbFaGd/kcAR/46A9jmP/uhu/yMS08CkntxYR3L:tbFaGNrfmP/UDMS08Ckn3u

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    • Kutaki Executable

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Discovery

  • Query Registry: 1 (T1012)
  • System Information Discovery: 2 (T1082)

Tasks