Overview

overview

10

Static

static

top-macro.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    top-macro.exe

  • Size

    6.1MB

  • Sample

    210720-gjdddbh8se

  • MD5

    dbf27edfd1c25b00cd4dfaed3fdc5050

  • SHA1

    86d05ee92d2c4bb639849979802e93a7d495ac0d

  • SHA256

    140a296066f4749fff13c3c8e75c92bf9e2a884a55826977733d4bdff90a059e

  • SHA512

    ee139a213df23b222d08ef26133b95230d33ffb0b92efbd1c51036e3fa19905dda4c1512b24922b20579178549ed9b3b25dca9e6ca2cc94f2575f23c571f82ec

Score
10/10
pandastealerspywarestealer

Malware Config

Targets

    • Target

      top-macro.exe

    • Size

      6.1MB

    • MD5

      dbf27edfd1c25b00cd4dfaed3fdc5050

    • SHA1

      86d05ee92d2c4bb639849979802e93a7d495ac0d

    • SHA256

      140a296066f4749fff13c3c8e75c92bf9e2a884a55826977733d4bdff90a059e

    • SHA512

      ee139a213df23b222d08ef26133b95230d33ffb0b92efbd1c51036e3fa19905dda4c1512b24922b20579178549ed9b3b25dca9e6ca2cc94f2575f23c571f82ec

    Score
    10/10
    pandastealerspywarestealer

    • Panda Stealer Payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks