4600b70c51899b49dfe48afbbbdaef371849974266075d0cdf7a8fb7c52fb2a7 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-24...ny.exe

windows7-x64

7

2024-05-24...ny.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-24_16c85b0b77a78b6476cd46af0acaa526_bkransomware_karagany
Size

677KB
Sample

240524-r4p19shh53
MD5

16c85b0b77a78b6476cd46af0acaa526
SHA1

cf4e8a442176a1c2d46dd370ff6fab2fc4ce4c31
SHA256

4600b70c51899b49dfe48afbbbdaef371849974266075d0cdf7a8fb7c52fb2a7
SHA512

091a87bf87e73ba56a01c3d5e2fa0b9e1540791773c83e323345700a4c1faef2519c042f77604cba3c074b9b85770f89b789b68371b13f5102c9c78110581bc5
SSDEEP

12288:gvXk1BU5VFWwHiC4mxYr8PCAwQy3KVMsMWsYNv+0kHe/6eZ0hW4:0k17wH/BYcCAwQEKesf/NmLeiTd

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-24_16c85b0b77a78b6476cd46af0acaa526_bkransomware_karagany.exe

Resource

win7-20240220-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-24_16c85b0b77a78b6476cd46af0acaa526_bkransomware_karagany.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-24_16c85b0b77a78b6476cd46af0acaa526_bkransomware_karagany
- Size
  
  677KB
- MD5
  
  16c85b0b77a78b6476cd46af0acaa526
- SHA1
  
  cf4e8a442176a1c2d46dd370ff6fab2fc4ce4c31
- SHA256
  
  4600b70c51899b49dfe48afbbbdaef371849974266075d0cdf7a8fb7c52fb2a7
- SHA512
  
  091a87bf87e73ba56a01c3d5e2fa0b9e1540791773c83e323345700a4c1faef2519c042f77604cba3c074b9b85770f89b789b68371b13f5102c9c78110581bc5
- SSDEEP
  
  12288:gvXk1BU5VFWwHiC4mxYr8PCAwQy3KVMsMWsYNv+0kHe/6eZ0hW4:0k17wH/BYcCAwQEKesf/NmLeiTd
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy