451dc6a02840e28fcac9a8bec43e557a35c25668c173b98b3cb6b766f1535ad5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-05-28...ny.exe

windows7-x64

7

2024-05-28...ny.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-28_c8cf250299e89432013d3065ccb12d13_bkransomware_karagany
Size

677KB
Sample

240528-ykd8zshg51
MD5

c8cf250299e89432013d3065ccb12d13
SHA1

590d6042c7b46eafc324925d90fa9b749da2aabd
SHA256

451dc6a02840e28fcac9a8bec43e557a35c25668c173b98b3cb6b766f1535ad5
SHA512

a634b4f5d647b5efff42e3a6304f614da12e306f59152b065b5ef4bcf447e203be64cb9b3f28350bbecd9e1b4fb093ceb2162cf80bc17d084447ceaf7d5391a6
SSDEEP

12288:DvXk1tp/SInr8vv2BDeT+bVYHTb3FRk/rMNxaXqqlPbJKTGv5DYFXOBnXREHa:Tk1b/i328ab4F+rM/aXq6bJfBUam6

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-28_c8cf250299e89432013d3065ccb12d13_bkransomware_karagany.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-28_c8cf250299e89432013d3065ccb12d13_bkransomware_karagany.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-28_c8cf250299e89432013d3065ccb12d13_bkransomware_karagany
- Size
  
  677KB
- MD5
  
  c8cf250299e89432013d3065ccb12d13
- SHA1
  
  590d6042c7b46eafc324925d90fa9b749da2aabd
- SHA256
  
  451dc6a02840e28fcac9a8bec43e557a35c25668c173b98b3cb6b766f1535ad5
- SHA512
  
  a634b4f5d647b5efff42e3a6304f614da12e306f59152b065b5ef4bcf447e203be64cb9b3f28350bbecd9e1b4fb093ceb2162cf80bc17d084447ceaf7d5391a6
- SSDEEP
  
  12288:DvXk1tp/SInr8vv2BDeT+bVYHTb3FRk/rMNxaXqqlPbJKTGv5DYFXOBnXREHa:Tk1b/i328ab4F+rM/aXq6bJfBUam6
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy