Extracted

• • Target

    2c503f3afa7dc8b3ff80910eaee058b0_NeikiAnalytics.exe

  • Size

    645KB

  • MD5

    2c503f3afa7dc8b3ff80910eaee058b0

  • SHA1

    67d1b22afc35b76b813a25f1a6d0beb5074bab68

  • SHA256

    aa2228845b62429199c3bc15482fece687518c1b55e6d19a4816be2652159296

  • SHA512

    9fda6580f08dcb171dc10da16d74cd7e5c3cfa138311d0bb680568d00d6c69cd6cf22c2b2e5359eeaf8dc01948eecbf9816275509faf0557c9015fdfcd8658d2

  • SSDEEP

    12288:p700p8Erbi0OpL46A9jmP/uhu/yMS08CkntxYRgL:zp8Erb+GfmP/UDMS08Ckn37

  Score

  10^/10

  kutakikeyloggerstealer

  • Kutaki

    Information stealer and keylogger that hides inside legitimate Visual Basic applications.

    stealerkeyloggerkutaki

  • Kutaki Executable

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2