Description
Panda Stealer is a fork of CollectorProject Stealer written in C++.
General
Target
Size
Sample
34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789
4MB
220502-1dcgxsebbk
Score
10/10
MD5
SHA1
SHA256
SHA512
69ef826f3d9a3aca327e938327d91644
43e9c02b386564fb46425feaf5e7a29096c01f0d
34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789
93457365d0ab55d3de9828d98f411dbe1c3435c25ecf16f92d0a6b9e9028ee4a1b896101d042eef486759b935abb99ea1f93607764e184adc84d0825e675013d
Malware Config
Extracted
| Family | pandastealer |
| Version | 1.11 |
| C2 |
http://cocojambo.collector-steal.ga |
Targets
Target
MD5
Filesize
34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789
69ef826f3d9a3aca327e938327d91644
4MB
Score
10/10
SHA1
SHA256
SHA512
43e9c02b386564fb46425feaf5e7a29096c01f0d
34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789
93457365d0ab55d3de9828d98f411dbe1c3435c25ecf16f92d0a6b9e9028ee4a1b896101d042eef486759b935abb99ea1f93607764e184adc84d0825e675013d
Tags
Signatures
-
Panda Stealer Payload
-
PandaStealer
-
Reads user/profile data of web browsers
Description
Infostealers often target stored browser data, which can include saved credentials etc.
Tags
TTPs
-
Suspicious use of SetThreadContext
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks
static1
Score
N/A
behavioral1
Score
10/10
behavioral2
Score
10/10