kutaki | aacf855f3810c4aa02e714dae8c8da78b8d8bfbaa041aa85ddfbdb83c3ade756 | Triage

Submit
Reports

Overview

overview

Static

static

Payment Co...on.exe

windows7-x64

Payment Co...on.exe

windows10-2004-x64

7

Sharing

General

Target

Payment Confirmation.exe
Size

529KB
Sample

240723-1v1abatglg
MD5

d998b9339c956239dc2199b761501441
SHA1

39f82f942c9de8cd0207e8bacc221351469938a7
SHA256

aacf855f3810c4aa02e714dae8c8da78b8d8bfbaa041aa85ddfbdb83c3ade756
SHA512

0a50c1ee25e052081346a5cc2e7090a413f8d91baaca2d5f45fbc9c08a2f6dc7cf93f0417f24ac59cd7a4f4abd0f8e80abe48ef6773af312072012f4c0e8ab6c
SSDEEP

12288:XFZ5tWdM8H4+iH88V7kVC46A9jmP/uhu/yMS08CkntxYRCL:XGE+iZ7kVtfmP/UDMS08Ckn3h

Score

10^/10

kutaki discovery keylogger stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Payment Confirmation.exe

Resource

win7-20240705-en

kutaki discovery keylogger stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payment Confirmation.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

kutaki

C2

http://newlinkwotolove.club/love/three.php

Targets

- Target
  
  Payment Confirmation.exe
- Size
  
  529KB
- MD5
  
  d998b9339c956239dc2199b761501441
- SHA1
  
  39f82f942c9de8cd0207e8bacc221351469938a7
- SHA256
  
  aacf855f3810c4aa02e714dae8c8da78b8d8bfbaa041aa85ddfbdb83c3ade756
- SHA512
  
  0a50c1ee25e052081346a5cc2e7090a413f8d91baaca2d5f45fbc9c08a2f6dc7cf93f0417f24ac59cd7a4f4abd0f8e80abe48ef6773af312072012f4c0e8ab6c
- SSDEEP
  
  12288:XFZ5tWdM8H4+iH88V7kVC46A9jmP/uhu/yMS08CkntxYRCL:XGE+iZ7kVtfmP/UDMS08Ckn3h
Score

10^/10

kutaki discovery keylogger stealer
- Kutaki
  Information stealer and keylogger that hides inside legitimate Visual Basic applications.
  stealer keylogger kutaki
- Kutaki Executable
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kutakidiscoverykeyloggerstealer

behavioral2

© 2018-2025

Terms | Privacy