Overview

overview

10

Static

static

8

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950

  • Size

    5.7MB

  • Sample

    210819-sw6tndfv32

  • MD5

    571d311fc434e77de22206602a9131d3

  • SHA1

    9b661c437983b9f903bf1d388e1d789b405af238

  • SHA256

    04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950

  • SHA512

    bbefbdee9fe118793e7a9c9856c13d9bb8e67eb19d6f4c67f9aa5ffe8f8cf7198fa5e0489fc5fdbb1f8dd6064f875f3cb21a5c41b70b3b8f01ded27440e75764

Score
10/10
pandastealerspywarestealervmprotect

Malware Config

Targets

    • Target

      04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950

    • Size

      5.7MB

    • MD5

      571d311fc434e77de22206602a9131d3

    • SHA1

      9b661c437983b9f903bf1d388e1d789b405af238

    • SHA256

      04a3b0f970d1689d6c1d6859c81ef3f41f1a503baf4275188e848548b2669950

    • SHA512

      bbefbdee9fe118793e7a9c9856c13d9bb8e67eb19d6f4c67f9aa5ffe8f8cf7198fa5e0489fc5fdbb1f8dd6064f875f3cb21a5c41b70b3b8f01ded27440e75764

    Score
    10/10
    pandastealerspywarestealervmprotect

    • Panda Stealer Payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks