Karagany

Description

(SecureWorks) Dating from at least 2010, the Karagany malware family originated from criminal malware known as ‘Dream Loader.’ Reports indicate that Dream Loader was leaked onto underground forums and that limited use was seen in the wild.

Karagany does not have a wealth of built-in capability at its core. Its main purpose is to provide the ability for a remote threat actor to maintain persistent access to a victim’s network, upload/download files, and download and execute additional plugin modules.

In addition to the plugin functionality, the core module contains a limited capability to harvest browser passwords stored in the Windows Credential Store.

Names

Name
Karagany
Karagny
Trojan.Karagany
xFrost

Type

Backdoor
Credential stealer
Downloader
Exfiltration

Information

https://www.secureworks.com/research/updated-karagany-malware-targets-energy-sector

Mitre Attack

https://attack.mitre.org/software/S0094/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.karagany

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:karagany

Other Information

Uuid

433ea147-b7bc-458f-95ce-7dbc2d0d7747

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

Karagany

Karagany

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks