43706d4338c337349e3b96a0690fab6120c3eb15c7ca6c7919dc5387616d8c9a | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-24...ny.exe

windows7-x64

7

2024-05-24...ny.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-24_7e1db96e90da017d0b3ab49cbd323873_bkransomware_karagany
Size

677KB
Sample

240524-nz99vsgd2w
MD5

7e1db96e90da017d0b3ab49cbd323873
SHA1

66cc78e7219e22647ebdc2eb1e453202c174670a
SHA256

43706d4338c337349e3b96a0690fab6120c3eb15c7ca6c7919dc5387616d8c9a
SHA512

4e0fadd079c0b1b654217f36cc67cb6d0f455afa65784048ae51e83ac93b5e4c0a70291940cc6cbbc930d7e1f08580a2e7ae77f4d341a586a3caab95b2474f57
SSDEEP

12288:kvXk1bFCrNDFKYmKIiirRGW2phzrvXuayM1J3AAlrAf0d83QC0OXxcpGHMki:Qk1b8NDFKYmKOF0zr31JwAlcR3QC0OXn

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-24_7e1db96e90da017d0b3ab49cbd323873_bkransomware_karagany.exe

Resource

win7-20240215-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-24_7e1db96e90da017d0b3ab49cbd323873_bkransomware_karagany.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-24_7e1db96e90da017d0b3ab49cbd323873_bkransomware_karagany
- Size
  
  677KB
- MD5
  
  7e1db96e90da017d0b3ab49cbd323873
- SHA1
  
  66cc78e7219e22647ebdc2eb1e453202c174670a
- SHA256
  
  43706d4338c337349e3b96a0690fab6120c3eb15c7ca6c7919dc5387616d8c9a
- SHA512
  
  4e0fadd079c0b1b654217f36cc67cb6d0f455afa65784048ae51e83ac93b5e4c0a70291940cc6cbbc930d7e1f08580a2e7ae77f4d341a586a3caab95b2474f57
- SSDEEP
  
  12288:kvXk1bFCrNDFKYmKIiirRGW2phzrvXuayM1J3AAlrAf0d83QC0OXxcpGHMki:Qk1b8NDFKYmKOF0zr31JwAlcR3QC0OXn
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy