General

  • Target

    btwGaban.exe

  • Size

    681KB

  • Sample

    220608-jtavlahgd4

  • MD5

    79a7debc04b66da7592ef55b768e46b4

  • SHA1

    c71876635a7dbda629302a388fd36a0ee7c4ebd5

  • SHA256

    7b8253ce462a3a1f6efcb7a7d27b8320751e90db7afd4846545d8e823bb8953e

  • SHA512

    49cb6f1ab6ca897d346a35c7d6ef4b17b3c2afbbc974cff64f216bf6baa6cb89d529afc88f745699eaf244e24a143a580edc28c5baf0c3fa285d62a197f10e5b

Malware Config

Targets

    • Target

      btwGaban.exe

    • Size

      681KB

    • MD5

      79a7debc04b66da7592ef55b768e46b4

    • SHA1

      c71876635a7dbda629302a388fd36a0ee7c4ebd5

    • SHA256

      7b8253ce462a3a1f6efcb7a7d27b8320751e90db7afd4846545d8e823bb8953e

    • SHA512

      49cb6f1ab6ca897d346a35c7d6ef4b17b3c2afbbc974cff64f216bf6baa6cb89d529afc88f745699eaf244e24a143a580edc28c5baf0c3fa285d62a197f10e5b

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3

      suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Collection

Data from Local System

1
T1005

Tasks