Overview

overview

10

Static

static

10

72a36bdacd...57.exe

windows7_x64

10

72a36bdacd...57.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    44s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23-06-2022 02:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57.exe

  • Size

    681KB

  • MD5

    a8a48c0921e289bbc6b21551a819d724

  • SHA1

    c0c4708c566a52e1e218f3e8fb661067ac76f663

  • SHA256

    72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57

  • SHA512

    b291049a5224f68c743f09579ba5fe673e0c0af606df748b78d508a09c62bed4a67772c9b86270251bc0c42fe5b57d5ebad469996b827dc130cf32b1da0eec63

Score
10/10
pandastealerspywarestealersuricata

Malware Config

Signatures

  • PandaStealer

    Panda Stealer is a fork of CollectorProject Stealer written in C++.

    stealerpandastealer
  • suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3

    suricata: ET MALWARE Win32/CollectorStealer CnC Exfil M3

    suricata
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57.exe
    "C:\Users\Admin\AppData\Local\Temp\72a36bdacd23ed0ba60f6594d83350d08fafb351e2224a11e463c8d518137c57.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/560-54-0x0000000075271000-0x0000000075273000-memory.dmp

    Filesize

    8KB

    Download