# Trojan.Karagany > Tipo: **malware** · S0094 · [MITRE ATT&CK](https://attack.mitre.org/software/S0094) ## Descrição [[s0094-trojankaragany|Trojan.Karagany]] é uma ferramenta de acesso remoto modular usada para reconhecimento, associada ao grupo [[g0035-dragonfly|Dragonfly]]. O código-fonte do [[s0094-trojankaragany|Trojan.Karagany]] originou-se do malware Dream Loader, que vazou em 2010 e foi comercializado em fóruns clandestinos. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1033-system-owneruser-discovery|T1033 - System Owner/User Discovery]] - [[t1113-screen-capture|T1113 - Screen Capture]] - [[t1049-system-network-connections-discovery|T1049 - System Network Connections Discovery]] - [[t1010-application-window-discovery|T1010 - Application Window Discovery]] - [[t1027-obfuscated-files-or-information|T1027 - Obfuscated Files or Information]] - [[t1027-002-software-packing|T1027.002 - Software Packing]] - [[t1555-003-credentials-from-web-browsers|T1555.003 - Credentials from Web Browsers]] - [[t1057-process-discovery|T1057 - Process Discovery]] - [[t1547-001-registry-run-keys-startup-folder|T1547.001 - Registry Run Keys / Startup Folder]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1070-004-file-deletion|T1070.004 - File Deletion]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1056-001-keylogging|T1056.001 - Keylogging]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1074-001-local-data-staging|T1074.001 - Local Data Staging]] ## Grupos que Usam - [[g0035-dragonfly|Dragonfly]] ## Referências - [MITRE ATT&CK - S0094](https://attack.mitre.org/software/S0094)