Overview

overview

10

Static

static

5cbe850f67...ab.exe

windows7_x64

10

5cbe850f67...ab.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5cbe850f672ab2ba13bef9015eca0712fa071c918b4a435b6486e41f42862aab

  • Size

    1.3MB

  • Sample

    220309-ra6f6ahaf7

  • MD5

    396f2b95ceaa2a0f978b514b7552b2b4

  • SHA1

    b7bc8fc2437026235c0183cfe1f444a72cefc55a

  • SHA256

    5cbe850f672ab2ba13bef9015eca0712fa071c918b4a435b6486e41f42862aab

  • SHA512

    207b36b3282323ac0ccaaf3ebc077ee1d2f0bc7a36f3c0c1dea454af116f56682dfa8aabf04f52704a8f926f1264b7cc9ea9ee4c6555f5c44099db1aadf12562

Score
10/10
pandastealerstealer

Malware Config

Targets

    • Target

      5cbe850f672ab2ba13bef9015eca0712fa071c918b4a435b6486e41f42862aab

    • Size

      1.3MB

    • MD5

      396f2b95ceaa2a0f978b514b7552b2b4

    • SHA1

      b7bc8fc2437026235c0183cfe1f444a72cefc55a

    • SHA256

      5cbe850f672ab2ba13bef9015eca0712fa071c918b4a435b6486e41f42862aab

    • SHA512

      207b36b3282323ac0ccaaf3ebc077ee1d2f0bc7a36f3c0c1dea454af116f56682dfa8aabf04f52704a8f926f1264b7cc9ea9ee4c6555f5c44099db1aadf12562

    Score
    10/10
    pandastealerstealer

    • Panda Stealer Payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks