858dabdee38151a2ebe4394a36953a1982dc667f6ff43245d44b5d78027752eb | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-23...ny.exe

windows7-x64

7

2024-05-23...ny.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-23_5ded43f3c3fd090198b375ca1a778dec_bkransomware_karagany
Size

1.5MB
Sample

240523-knd6habb51
MD5

5ded43f3c3fd090198b375ca1a778dec
SHA1

1898d92336a63a470ea7281be3f051aef2645805
SHA256

858dabdee38151a2ebe4394a36953a1982dc667f6ff43245d44b5d78027752eb
SHA512

b27eb145fb85309428524449d38e0dbb63dadba9e3afaf993a0688173caff01bfc2b6f671b476026675386721fcee9781153bd618fb85724407f5b770f948f89
SSDEEP

12288:GvXk1yfgus8fju1doi6UoMUf4tRnT4SaV0qeLzSmwwY:ak1yD39MNTqV0Jxw

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-23_5ded43f3c3fd090198b375ca1a778dec_bkransomware_karagany.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-23_5ded43f3c3fd090198b375ca1a778dec_bkransomware_karagany.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-23_5ded43f3c3fd090198b375ca1a778dec_bkransomware_karagany
- Size
  
  1.5MB
- MD5
  
  5ded43f3c3fd090198b375ca1a778dec
- SHA1
  
  1898d92336a63a470ea7281be3f051aef2645805
- SHA256
  
  858dabdee38151a2ebe4394a36953a1982dc667f6ff43245d44b5d78027752eb
- SHA512
  
  b27eb145fb85309428524449d38e0dbb63dadba9e3afaf993a0688173caff01bfc2b6f671b476026675386721fcee9781153bd618fb85724407f5b770f948f89
- SSDEEP
  
  12288:GvXk1yfgus8fju1doi6UoMUf4tRnT4SaV0qeLzSmwwY:ak1yD39MNTqV0Jxw
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy