pandastealer | eb977a803d155ea25837fa400dff81e8336746e6ed9f563cfaee92a544104705 | Triage

Submit
Reports

Overview

overview

Static

static

svchost.exe

windows7_x64

svchost.exe

windows10-2004_x64

Sharing

General

Target

svchost.exe
Size

1.4MB
Sample

220609-phacksccg2
MD5

f86af47d52c3cd035c137d3a3097d06f
SHA1

5ec629884fea63bb82e2dffa441dca353d5f80e4
SHA256

eb977a803d155ea25837fa400dff81e8336746e6ed9f563cfaee92a544104705
SHA512

5f39928faa0fb04f2abc80565eea16d3522073768e5acf729619a8d0cc549199826193b2eef1eb8d5dd0c664461522748c5b2c1c3568ffb0a0b851ec29ffc04e

Score

10^/10

pandastealer spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

svchost.exe

Resource

win7-20220414-en

pandastealer spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

svchost.exe

Resource

win10v2004-20220414-en

pandastealer spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://asdqwezxc.ru.xsph.ru

Targets

- Target
  
  svchost.exe
- Size
  
  1.4MB
- MD5
  
  f86af47d52c3cd035c137d3a3097d06f
- SHA1
  
  5ec629884fea63bb82e2dffa441dca353d5f80e4
- SHA256
  
  eb977a803d155ea25837fa400dff81e8336746e6ed9f563cfaee92a544104705
- SHA512
  
  5f39928faa0fb04f2abc80565eea16d3522073768e5acf729619a8d0cc549199826193b2eef1eb8d5dd0c664461522748c5b2c1c3568ffb0a0b851ec29ffc04e
Score

10^/10

pandastealer spyware stealer suricata
- Panda Stealer Payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3
  suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3
  suricata
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

pandastealerspywarestealersuricata

behavioral2

pandastealerspywarestealer

© 2018-2024

Terms | Privacy