General

  • Target

    3cb4050544f22e9adfa49585866df8cd815344747bc74b82468faff4e36523f3

  • Size

    5.7MB

  • Sample

    220319-ngwnragfg6

  • MD5

    049f2156be0f3e4f27637def01bf4957

  • SHA1

    bb18618c3129f5d164599b1e44bd59af08e986d0

  • SHA256

    3cb4050544f22e9adfa49585866df8cd815344747bc74b82468faff4e36523f3

  • SHA512

    64a736aab483face7679ecb70a1ccdcbf24d23cf15a6f892277d66d8c5c615e748302d63196e41597224dea0383090313f19cd6137d8ef5f4f7e9b0782e02d90

Malware Config

Targets

    • Panda Stealer Payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081): 1

  • Collection

    Data from Local System (T1005): 1
