General

  • Target

    2024-10-21_e04925f3609d73cc32e7ec81136271a8_bkransomware_karagany

  • Size

    677KB

  • Sample

    241021-jl2cksvhka

  • MD5

    e04925f3609d73cc32e7ec81136271a8

  • SHA1

    8fa38b6079ab4e3568974822b2b7aa962300f445

  • SHA256

    b463313849dad86d973cd1a7f95a53157ed1cf1f4ab1c4870438679be0091157

  • SHA512

    2894f728fb342c50c34215e6c7dbfce219cdb78d2410f3fd62db1dbb37b75dd1a43b72dcb51daac8fc1589546a5c0fd3e47c55fe802b9c7ab31ef53c8726b7ae

  • SSDEEP

    12288:QvXk1KWCIkeRlk7ugd1EOFcNW2f+zRIxzA0RJ4P3Zu/t4ZJ0FSlg6BdLET7bI/IE:Ek1KWHRlMugdD+JsRgZRJ4fM430Eg6nj

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
