Overview

overview

10

Static

static

10

fd047a7422...06.exe

windows7_x64

10

fd047a7422...06.exe

windows10_x64

10

Analysis

  • max time kernel
    16s
  • max time network
    119s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    01-08-2021 21:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd047a74224274e29409c2b841c2b306.exe

  • Size

    681KB

  • MD5

    fd047a74224274e29409c2b841c2b306

  • SHA1

    94067fbee35addbdb6cc1b330aa6746415382f4f

  • SHA256

    71e5de30f627eacb124f9f11d7ba70de43997847e88a61e440593ef9fd776bab

  • SHA512

    32ef07e7882efe5109e49b5f48e6dc46e068ffb5a9154c4b0be1456692ada2f3b1a3ea3a0857ad0d4257062f7eac5e9658d910776f359bb0b92f00de5d0c6a52

Score
10/10
pandastealerspywarestealer

Malware Config

Signatures

  • PandaStealer

    Panda Stealer is a fork of CollectorProject Stealer written in C++.

    stealerpandastealer
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fd047a74224274e29409c2b841c2b306.exe
    "C:\Users\Admin\AppData\Local\Temp\fd047a74224274e29409c2b841c2b306.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:992

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads