General

Target: 34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789
Size: 4MB
Sample: 220502-1dcgxsebbk
Score: 10/10
MD5: 69ef826f3d9a3aca327e938327d91644
SHA1: 43e9c02b386564fb46425feaf5e7a29096c01f0d
SHA256: 34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789
SHA512: 93457365d0ab55d3de9828d98f411dbe1c3435c25ecf16f92d0a6b9e9028ee4a1b896101d042eef486759b935abb99ea1f93607764e184adc84d0825e675013d

Malware Config

Extracted
Family: pandastealer
Version: 1.11
C2: http://cocojambo.collector-steal.ga
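The C2 URL is the one network indicator the report extracts. The following is an added example, not part of the sandbox report or of any tooling the report describes: it checks proxy log lines against that host, matching the host itself and its subdomains case-insensitively while rejecting look-alike hosts that merely start with the same string. The log lines and their layout (timestamp, client, method, URL, status) are constructed for the example.

```python
"""Match the extracted Panda Stealer C2 host against proxy log lines.

Added example (not from the sandbox report). Only the C2 URL is taken from the
report; the log lines below are constructed and their format is an assumption.
"""
from urllib.parse import urlsplit

# Indicator from the report's extracted config.
C2_URL = "http://cocojambo.collector-steal.ga"
C2_HOST = urlsplit(C2_URL).hostname  # "cocojambo.collector-steal.ga"

# Constructed proxy log lines (assumed layout: timestamp client method url status).
SAMPLE_LOG = """\
1651480001.123 10.0.0.15 GET http://cocojambo.collector-steal.ga/ 200
1651480002.456 10.0.0.15 POST http://COCOJAMBO.collector-steal.ga:80/gate 200
1651480003.789 10.0.0.22 GET https://www.example.com/index.html 200
1651480004.001 10.0.0.31 GET http://cocojambo.collector-steal.ga.evil.test/ 404
1651480005.002 10.0.0.40 GET http://x.cocojambo.collector-steal.ga/ 200
"""


def host_matches(host, indicator=C2_HOST):
    """True if host equals the indicator or is a subdomain of it.

    Comparison is case-insensitive and ignores a trailing dot; a host that only
    has the indicator as a prefix (…collector-steal.ga.evil.test) does not match.
    """
    if host is None:
        return False
    host = host.lower().rstrip(".")
    return host == indicator or host.endswith("." + indicator)


def parse_line(line):
    """Split one constructed log line into its fields."""
    ts, client, method, url, status = line.split()
    return {"ts": ts, "client": client, "method": method, "url": url, "status": status}


def find_c2_hits(log_text):
    """Return (client, url) for every line whose URL host matches the C2 indicator."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        host = urlsplit(rec["url"]).hostname  # strips scheme, port and path
        if host_matches(host):
            hits.append((rec["client"], rec["url"]))
    return hits


if __name__ == "__main__":
    for client, url in find_c2_hits(SAMPLE_LOG):
        print(f"C2 contact from {client}: {url}")
```

Subdomains of the C2 host are treated as hits; widening the match to the parent domain collector-steal.ga is a policy choice the report does not make, so it is not done here.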

Targets

Target: 34aa8ab1fdfbb0507d22838b8f618704efef899694d494b00dcc1a315fa86789 (Filesize 4MB, Score 10/10; MD5, SHA1, SHA256 and SHA512 as listed under General)
Signatures

  • Panda Stealer Payload

  • PandaStealer

    Description: Panda Stealer is a fork of CollectorProject Stealer written in C++.

  • Reads user/profile data of web browsers

    Description: Infostealers often target stored browser data, which can include saved credentials, cookies and other profile contents.

    TTPs: Data from Local System (T1005); Credentials in Files (T1552.001)

  • Suspicious use of SetThreadContext
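SetThreadContext on its own is not malicious (debuggers and some runtimes call it); the sandbox flags it because it is the usual way injected code inside a suspended process is handed control, the last step of process hollowing. The report does not say which process this sample targeted. The following is an added example, not part of the report, that shows the distinction a detection should make: it scans an API trace for the ordered chain suspended CreateProcess, WriteProcessMemory into that child, SetThreadContext, ResumeThread, and ignores a SetThreadContext that is not preceded by a write. The trace records, their (caller_pid, api, args) shape and the target_pid abstraction (the real API takes a thread handle) are constructed assumptions.

```python
"""Flag the process-hollowing API chain that makes SetThreadContext suspicious.

Added example, not from the sandbox report. The trace below is constructed and
its record shape (caller_pid, api_name, args dict) is an assumption standing in
for a real API monitor log; SetThreadContext is keyed by target pid here for
brevity, whereas the real call takes a thread handle.
"""
from collections import defaultdict

CREATE_SUSPENDED = 0x00000004  # Win32 CREATE_SUSPENDED creation flag

# Constructed API trace (not from the report).
SAMPLE_TRACE = [
    (4100, "CreateProcessW", {"image": "C:\\Windows\\System32\\svchost.exe", "flags": 0x4, "new_pid": 5200}),
    (4100, "NtUnmapViewOfSection", {"target_pid": 5200}),
    (4100, "VirtualAllocEx", {"target_pid": 5200, "protect": 0x40}),  # PAGE_EXECUTE_READWRITE
    (4100, "WriteProcessMemory", {"target_pid": 5200, "size": 0x3E000}),
    (4100, "SetThreadContext", {"target_pid": 5200}),
    (4100, "ResumeThread", {"target_pid": 5200}),
    # Benign-looking pattern: a debugger adjusts its child's context without writing code into it.
    (7700, "CreateProcessW", {"image": "C:\\app\\child.exe", "flags": 0x4, "new_pid": 7710}),
    (7700, "SetThreadContext", {"target_pid": 7710}),
    (7700, "ResumeThread", {"target_pid": 7710}),
]

# Stages must be observed in this order for the same (caller, target) pair.
STAGES = ("suspended_create", "write", "set_context", "resume")


def detect_hollowing(trace):
    """Return [(caller_pid, target_pid, stages_seen)] for every (caller, target)
    pair that completes the full chain. A pair that skips the write step is not
    reported, so a plain debugger-style SetThreadContext stays quiet."""
    progress = defaultdict(list)  # (caller, target) -> stages seen so far, in order

    def advance(key, stage):
        seen = progress[key]
        expected = STAGES[len(seen)] if len(seen) < len(STAGES) else None
        if stage == expected:  # out-of-order or repeated calls do not advance the chain
            seen.append(stage)

    for caller, api, args in trace:
        if api in ("CreateProcessW", "CreateProcessA") and args.get("flags", 0) & CREATE_SUSPENDED:
            advance((caller, args["new_pid"]), "suspended_create")
        elif api == "WriteProcessMemory":
            advance((caller, args["target_pid"]), "write")
        elif api == "SetThreadContext":
            advance((caller, args["target_pid"]), "set_context")
        elif api == "ResumeThread":
            advance((caller, args["target_pid"]), "resume")

    return [(c, t, tuple(s)) for (c, t), s in progress.items() if len(s) == len(STAGES)]


if __name__ == "__main__":
    for caller, target, stages in detect_hollowing(SAMPLE_TRACE):
        print(f"pid {caller} hollowed pid {target}: {' -> '.join(stages)}")
```

NtUnmapViewOfSection and VirtualAllocEx are deliberately not required: some hollowing variants skip the unmap, and the write into the suspended child followed by the context switch is the part that carries the signal.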

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Tasks

static1: Score N/A
behavioral1: Score 10/10
behavioral2: Score 10/10