Overview

overview

10

Static

static

10

2c503f3afa...cs.exe

windows7-x64

10

2c503f3afa...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c503f3afa7dc8b3ff80910eaee058b0_NeikiAnalytics.exe

  • Size

    645KB

  • Sample

    240519-yt2ewafd53

  • MD5

    2c503f3afa7dc8b3ff80910eaee058b0

  • SHA1

    67d1b22afc35b76b813a25f1a6d0beb5074bab68

  • SHA256

    aa2228845b62429199c3bc15482fece687518c1b55e6d19a4816be2652159296

  • SHA512

    9fda6580f08dcb171dc10da16d74cd7e5c3cfa138311d0bb680568d00d6c69cd6cf22c2b2e5359eeaf8dc01948eecbf9816275509faf0557c9015fdfcd8658d2

  • SSDEEP

    12288:p700p8Erbi0OpL46A9jmP/uhu/yMS08CkntxYRgL:zp8Erb+GfmP/UDMS08Ckn37

Score
10/10
kutakikeyloggerstealer

Malware Config

Extracted

Family

kutaki

C2

http://newlinkwotolove.club/love/three.php

Targets

    • Target

      2c503f3afa7dc8b3ff80910eaee058b0_NeikiAnalytics.exe

    • Size

      645KB

    • MD5

      2c503f3afa7dc8b3ff80910eaee058b0

    • SHA1

      67d1b22afc35b76b813a25f1a6d0beb5074bab68

    • SHA256

      aa2228845b62429199c3bc15482fece687518c1b55e6d19a4816be2652159296

    • SHA512

      9fda6580f08dcb171dc10da16d74cd7e5c3cfa138311d0bb680568d00d6c69cd6cf22c2b2e5359eeaf8dc01948eecbf9816275509faf0557c9015fdfcd8658d2

    • SSDEEP

      12288:p700p8Erbi0OpL46A9jmP/uhu/yMS08CkntxYRgL:zp8Erb+GfmP/UDMS08Ckn37

    Score
    10/10
    kutakikeyloggerstealer

    • Kutaki

      Information stealer and keylogger that hides inside legitimate Visual Basic applications.

      stealerkeyloggerkutaki

    • Kutaki Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks