Analysis
-
max time kernel
44s -
max time network
48s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
23-06-2022 02:27
General
-
Target
72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57.exe
-
Size
681KB
-
MD5
a8a48c0921e289bbc6b21551a819d724
-
SHA1
c0c4708c566a52e1e218f3e8fb661067ac76f663
-
SHA256
72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57
-
SHA512
b291049a5224f68c743f09579ba5fe673e0c0af606df748b78d508a09c62bed4a67772c9b86270251bc0c42fe5b57d5ebad469996b827dc130cf32b1da0eec63
Score
10/10
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3
suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57.exe"C:\Users\Admin\AppData\Local\Temp\72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/560-54-0x0000000075271000-0x0000000075273000-memory.dmpFilesize
8KB