General

  • Target

    5691744977059840.zip

  • Size

    5.6MB

  • Sample

    210730-am91fgcq46

  • MD5

    64a098ac3c226cf5812a38a5e676221b

  • SHA1

    3d4d43531ac89dc1458e69488bc9c38ca831263e

  • SHA256

    9b9812ba0f32aaf0969b036bd07f88cdf9fcb4e9344e5b5ced43b29acbb002c2

  • SHA512

    be53dc04e99e6040072529fea7c5d8b43d99bccb634f3ac5f9af5c620632f4f8fdc014ec0e8a8068e9432e8c2595bc44d4c468979f646685a47ea3958d70677b

Malware Config

Targets

    • Target

      04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950

    • Size

      5.7MB

    • MD5

      571d311fc434e77de22206602a9131d3

    • SHA1

      9b661c437983b9f903bf1d388e1d789b405af238

    • SHA256

      04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950

    • SHA512

      bbefbdee9fe118793e7a9c9856c13d9bb8e67eb19d6f4c67f9aa5ffe8f8cf7198fa5e0489fc5fdbb1f8dd6064f875f3cb21a5c41b70b3b8f01ded27440e75764

    • Panda Stealer Payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer (a sign the payload is obfuscated and virtualized to resist static analysis).

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill entries.
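The hashes above are the report's IOCs, and the VMProtect signature is the kind of check an analyst would want to reproduce locally. The following is an added example, not code from this sandbox report or from the sandbox vendor, showing (a) how to hash a sample and match it against the listed IOCs and (b) one common VMProtect heuristic: VMProtect appends PE sections named `.vmp0`, `.vmp1`, ... to the binaries it packs. The section-name check is an assumption about how such a signature is typically implemented, not a description of the sandbox's own rule; `build_minimal_pe` constructs a toy PE header purely so the example runs offline.

```python
import hashlib
import struct

# IOCs copied from the report above (the analysed ZIP and the dropped EXE).
REPORT_IOCS = {
    "5691744977059840.zip": {
        "md5": "64a098ac3c226cf5812a38a5e676221b",
        "sha1": "3d4d43531ac89dc1458e69488bc9c38ca831263e",
        "sha256": "9b9812ba0f32aaf0969b036bd07f88cdf9fcb4e9344e5b5ced43b29acbb002c2",
    },
    "04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950": {
        "md5": "571d311fc434e77de22206602a9131d3",
        "sha1": "9b661c437983b9f903bf1d388e1d789b405af238",
        "sha256": "04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950",
    },
}


def hash_bytes(data: bytes) -> dict:
    """Compute the digests a sandbox report lists for a sample."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def match_iocs(data: bytes, iocs: dict = REPORT_IOCS) -> list:
    """Return the names of every IOC entry whose SHA256 matches the data.
    SHA256 is the comparison key; MD5/SHA1 are collision-prone and only
    kept for cross-referencing older reports."""
    digest = hashlib.sha256(data).hexdigest()
    return [name for name, h in iocs.items() if h["sha256"] == digest]


def pe_section_names(data: bytes) -> list:
    """Parse the PE section table and return the section names.
    Layout: MZ header -> e_lfanew at 0x3C -> 'PE\\0\\0' -> 20-byte COFF header
    (NumberOfSections at +2, SizeOfOptionalHeader at +16) -> 40-byte entries."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ/PE file")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("latin-1"))
    return names


def looks_vmprotect_packed(data: bytes) -> bool:
    """Heuristic (assumption, not the sandbox's rule): VMProtect adds
    sections named .vmp0/.vmp1/... to the binaries it packs."""
    return any(name.lower().startswith(".vmp") for name in pe_section_names(data))


def build_minimal_pe(section_names: list) -> bytes:
    """Construct a header-only PE with the given section names.
    This is constructed test data, not a real executable."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[0:2] = b"MZ"
    dos[0x3C:0x40] = struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                     for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table


if __name__ == "__main__":
    packed = build_minimal_pe([".text", ".vmp0", ".vmp1"])
    print("sections:", pe_section_names(packed))
    print("vmprotect heuristic:", looks_vmprotect_packed(packed))
    print("matches report IOCs:", match_iocs(packed))
```

In practice you would read the dropped file from disk, call `match_iocs` to confirm it is the sample the report describes, and only then run the packer heuristic; a section-name match is a strong hint, not proof, since an adversary can rename sections or use a different packer.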

MITRE ATT&CK Enterprise v6

Tasks