Overview / overview: 7
Static / static: 3
K&S.rar / windows7-x64: 1
K&S.rar / windows10-2004-x64: 1
Karma.exe / windows7-x64: 7
Karma.exe / windows10-2004-x64
alansito_file.pyc / windows7-x64: 3
alansito_file.pyc / windows10-2004-x64: 3
Slinky.exe / windows7-x64: 7
Slinky.exe / windows10-2004-x64
alansito_file.pyc / windows7-x64: 3
alansito_file.pyc / windows10-2004-x64: 3
slinky_library.dll / windows7-x64: 5
slinky_library.dll / windows10-2004-x64: 5
slinkyhook.dll / windows7-x64: 1
slinkyhook.dll / windows10-2004-x64: 1
Analysis
- max time kernel: 119s
- max time network: 128s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 07/01/2024, 19:21
Behavioral task
behavioral1
Sample
K&S.rar
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
K&S.rar
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
Karma.exe
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
Karma.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
alansito_file.pyc
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
alansito_file.pyc
Resource
win10v2004-20231215-en
Behavioral task
behavioral7
Sample
Slinky.exe
Resource
win7-20231129-en
Behavioral task
behavioral8
Sample
Slinky.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
alansito_file.pyc
Resource
win7-20231215-en
Behavioral task
behavioral10
Sample
alansito_file.pyc
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
slinky_library.dll
Resource
win7-20231215-en
Behavioral task
behavioral12
Sample
slinky_library.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral13
Sample
slinkyhook.dll
Resource
win7-20231215-en
Behavioral task
behavioral14
Sample
slinkyhook.dll
Resource
win10v2004-20231222-en
General
- Target: Karma.exe
- Size: 84.0MB
- MD5: 711464a82474c913defec443908e21ed
- SHA1: e216b0853a6195acf520a7b5a7b46a1c972b666e
- SHA256: 0ef43d9de4af2dc3fd0dae9ca3533fbd97bff13b5c95ba4c8521d13b0b9683aa
- SHA512: f04a7e4158cd78fa61568c0e306c6b72f3617dd147d8b58b99aa02a34a340a7135c8c4ecec714def1eb7712bde01dbbe8825275d5e9c4819d7e818cc8dea0888
- SSDEEP: 393216:36jAPfF3dNPVLCEDLQzH2ciIrHW4H//o3KdUgK1gXuSA:32AjLCEDLQzkIL7/weU9gXuSA
Malware Config
Signatures
- Loads dropped DLL (1 IoCs)
  pid: 676, Process: Karma.exe
- Suspicious use of WriteProcessMemory (3 IoCs)
  description: PID 2916 wrote to memory of 676, pid: 2916, Process: Karma.exe, procid_target: 29
  description: PID 2916 wrote to memory of 676, pid: 2916, Process: Karma.exe, procid_target: 29
  description: PID 2916 wrote to memory of 676, pid: 2916, Process: Karma.exe, procid_target: 29
Downloads
- Filesize: 4.3MB
- MD5: 1d5e4c20a20740f38f061bdf48aaca4f
- SHA1: de1b64ab5219aa6fef95cd2b0ccead1c925fd0d0
- SHA256: f8172151d11bcf934f2a7518cd0d834e3f079bd980391e9da147ce4cff72c366
- SHA512: 9df64c97e4e993e815fdaf7e8ecbc3ce32aa8d979f8f4f7a732b2efa636cfeb9a145fe2c2dcdf2e5e9247ee376625e1fdc62f9657e8007bb504336ac8d05a397