Analysis

max time kernel: 142s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-en-20220113
submitted: 28-03-2022 21:02

Static task: static1

Behavioral task: behavioral1
Sample: daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe.exe
Resource: win7-20220311-en

Behavioral task: behavioral2
Sample: daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe.exe
Resource: win10v2004-en-20220113

General

Target: daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe.exe
Size: 681KB
MD5: 47aa63ddf8a7d8eb24288da30dc420ee
SHA1: fb879b74032c9ed94a934b2b6d20f08a275a81d5
SHA256: daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe
SHA512: b9fcca35f081ef08733ed2ff027290120db76e208e6c933a8f318c1b895ba145a756b41c6e7320f04f735c2c0ab8b3d83170dfbf581d93d92fb226e88281f99d
Malware Config

Signatures

PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.

Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

Suspicious behavior: EnumeratesProcesses (2 IoCs)
PID   Process
4336  daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe.exe
4336  daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe.exe
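The file hashes in the General section are the only host-side indicators this report gives, so the practical next step is to sweep a file system for them. The script below is an added example written for this page, not part of the sandbox report or of the Panda Stealer codebase. It streams each file through MD5, SHA-1 and SHA-256 at once and reports which algorithms matched; the `SAMPLE_IOCS` values are copied from the report, everything else (function names, the directory walk) is this example's own choice.

```python
"""Hash-based IoC sweep for the PandaStealer sample listed above (added example)."""
import hashlib
import os
import sys
from pathlib import Path

# Hashes copied verbatim from the General section of the report.
SAMPLE_IOCS = {
    "md5": "47aa63ddf8a7d8eb24288da30dc420ee",
    "sha1": "fb879b74032c9ed94a934b2b6d20f08a275a81d5",
    "sha256": "daf429d6b9cd9338406a435dc9fe4f481794ffaa218588a133cc1d061f6212fe",
}

CHUNK = 1 << 20  # read files in 1 MiB pieces so large files do not land in memory


def hash_file(path):
    """Return {'md5': ..., 'sha1': ..., 'sha256': ...} for one file, computed in a single pass."""
    digests = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def match_iocs(hashes, iocs=SAMPLE_IOCS):
    """Return the list of algorithms on which `hashes` equals the IoC set (case-insensitive).

    A SHA-256 hit is conclusive; an MD5- or SHA-1-only hit is still worth triage but both
    algorithms are collision-prone, so the caller is told exactly which ones matched.
    """
    return [algo for algo, value in iocs.items()
            if hashes.get(algo, "").lower() == value.lower()]


def scan_tree(root, iocs=SAMPLE_IOCS):
    """Walk `root` and return a sorted list of (path, matched_algorithms) for every hit.

    Symlinks are skipped (they would hash their target, possibly outside `root`) and
    unreadable files are ignored rather than aborting the sweep.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            try:
                if p.is_symlink() or not p.is_file():
                    continue
                matched = match_iocs(hash_file(p), iocs)
            except OSError:
                continue
            if matched:
                hits.append((str(p), matched))
    return sorted(hits)


if __name__ == "__main__":
    # Usage: python ioc_sweep.py <directory>   (sweeps the directory for the report's hashes)
    for path, algos in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"HIT {path} (matched: {', '.join(algos)})")
```

Run it against a user's download and temp directories on a host suspected of having executed the sample; an empty result only says the exact file is absent, since a repacked build of the same stealer would carry different hashes.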