763a3223a59595162a90422f9decee9a64d275999914ed5fd5ae79539f61583c | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-28...ny.exe

windows7-x64

7

2024-05-28...ny.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-28_f72b314827759c4ab6e49745d44934b3_bkransomware_karagany
Size

677KB
Sample

240528-v8ktwsdf2t
MD5

f72b314827759c4ab6e49745d44934b3
SHA1

7985336de5d581078fa6595f5e51e85ab8b2f525
SHA256

763a3223a59595162a90422f9decee9a64d275999914ed5fd5ae79539f61583c
SHA512

d52fa1b7d91bebab7aab00271724495be019bd804da8785ae34f54e12bd1f3ac0067d4b55fdbf53d8c0b5e33b7d6255c1a87f22df45f1b531f56f60db2238c06
SSDEEP

12288:EvXk1Yp/SInr8vv2BDeT+bVYHTb3FRk/rMNxaXqqlPbJKTGv5DYFXOBnXREHa:wk1O/i328ab4F+rM/aXq6bJfBUam6

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-28_f72b314827759c4ab6e49745d44934b3_bkransomware_karagany.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-28_f72b314827759c4ab6e49745d44934b3_bkransomware_karagany.exe

Resource

win10v2004-20240426-en

spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-28_f72b314827759c4ab6e49745d44934b3_bkransomware_karagany
- Size
  
  677KB
- MD5
  
  f72b314827759c4ab6e49745d44934b3
- SHA1
  
  7985336de5d581078fa6595f5e51e85ab8b2f525
- SHA256
  
  763a3223a59595162a90422f9decee9a64d275999914ed5fd5ae79539f61583c
- SHA512
  
  d52fa1b7d91bebab7aab00271724495be019bd804da8785ae34f54e12bd1f3ac0067d4b55fdbf53d8c0b5e33b7d6255c1a87f22df45f1b531f56f60db2238c06
- SSDEEP
  
  12288:EvXk1Yp/SInr8vv2BDeT+bVYHTb3FRk/rMNxaXqqlPbJKTGv5DYFXOBnXREHa:wk1O/i328ab4F+rM/aXq6bJfBUam6
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy