สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > List all tools > List all groups using tool Karba

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Karba

Names	Karba Trojan.Win32.Karba.e
Category	Malware
Type	Reconnaissance, Backdoor
Description	(Kaspersky) This malware is 220Kb in size. It was built as MFC framework application with a lot of extra calls that should have complicated the analysis of the sample. It mimics a GUI desktop application but it does not create any visible windows or dialogs to interact with local users. The Trojan collects data about the system and anti-malware software installed on it, and uploads that data to Darkhotel command and control servers.
Information	<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08070903/darkhotel_kl_07.11.pdf> <https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08070901/darkhotelappendixindicators_kl.pdf>

Last change to this tool card: 20 April 2020

Download this tool card in JSON format

All groups using tool Karba

Changed	Name	Country	Observed
APT groups
	DarkHotel		2007-2023

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]