pandastealer | 881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89 | Triage

Submit
Reports

Overview

overview

Static

static

881ecae6e1...89.exe

windows7_x64

881ecae6e1...89.exe

windows10-2004_x64

Sharing

General

Target

881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89
Size

1.9MB
Sample

220328-yp4dnsaedk
MD5

5284725757caecb744665f5bf9875ee2
SHA1

4e0a1115d4013796b44d952fce4fdc5d15c988e4
SHA256

881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89
SHA512

a0fe991673fba03b45ada2f04601f24bd8e921526ef911836d57c78fd2a2780d98ac7a1b6ce7056a3bdcc27b30d6aea1e081ffae6c4b8f0f9909abbaa375b6af

Score

10^/10

pandastealer spyware stealer vmprotect

Static task

static1

vmprotect pandastealer

Behavioral task

behavioral1

Sample

881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89.exe

Resource

win7-20220311-en

pandastealer spyware stealer vmprotect

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89.exe

Resource

win10v2004-en-20220113

pandastealer spyware stealer vmprotect

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89
- Size
  
  1.9MB
- MD5
  
  5284725757caecb744665f5bf9875ee2
- SHA1
  
  4e0a1115d4013796b44d952fce4fdc5d15c988e4
- SHA256
  
  881ecae6e1d75a8d9b4b2a33ed0c9eb9bbdd0a4a4e5efd28ed9d4bb75bc3dd89
- SHA512
  
  a0fe991673fba03b45ada2f04601f24bd8e921526ef911836d57c78fd2a2780d98ac7a1b6ce7056a3bdcc27b30d6aea1e081ffae6c4b8f0f9909abbaa375b6af
Score

10^/10

pandastealer spyware stealer vmprotect
- Panda Stealer Payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

vmprotectpandastealer

behavioral1

pandastealerspywarestealervmprotect

behavioral2

pandastealerspywarestealervmprotect

© 2018-2025

Terms | Privacy