General
-
Target
svchost.exe
-
Size
1.4MB
-
Sample
220609-pf2n2scce3
-
MD5
f86af47d52c3cd035c137d3a3097d06f
-
SHA1
5ec629884fea63bb82e2dffa441dca353d5f80e4
-
SHA256
eb977a803d155ea25837fa400dff81e8336746e6ed9f563cfaee92a544104705
-
SHA512
5f39928faa0fb04f2abc80565eea16d3522073768e5acf729619a8d0cc549199826193b2eef1eb8d5dd0c664461522748c5b2c1c3568ffb0a0b851ec29ffc04e
Static task
static1
Behavioral task
behavioral1
Sample
svchost.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
svchost.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
pandastealer
1.11
http://asdqwezxc.ru.xsph.ru
Targets
-
-
Target
svchost.exe
-
Size
1.4MB
-
MD5
f86af47d52c3cd035c137d3a3097d06f
-
SHA1
5ec629884fea63bb82e2dffa441dca353d5f80e4
-
SHA256
eb977a803d155ea25837fa400dff81e8336746e6ed9f563cfaee92a544104705
-
SHA512
5f39928faa0fb04f2abc80565eea16d3522073768e5acf729619a8d0cc549199826193b2eef1eb8d5dd0c664461522748c5b2c1c3568ffb0a0b851ec29ffc04e
Score10/10-
Panda Stealer Payload
-
suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3
suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-