ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Karba

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Karba

NamesKarba
Trojan.Win32.Karba.e
CategoryMalware
TypeReconnaissance, Backdoor
Description(Kaspersky) This malware is 220Kb in size. It was built as MFC framework application with a lot of extra calls that should have complicated the analysis of the sample. It mimics a GUI desktop application but it does not create any visible windows or dialogs to interact with local users. The Trojan collects data about the system and anti-malware software installed on it, and uploads that data to Darkhotel command and control servers.
Information<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08070903/darkhotel_kl_07.11.pdf>
<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08070901/darkhotelappendixindicators_kl.pdf>

Last change to this tool card: 20 April 2020

Download this tool card in JSON format

All groups using tool Karba

ChangedNameCountryObserved

APT groups

 DarkHotelSouth Korea2007-Dec 2021 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]