pandastealer | 45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1 | Triage

Submit
Reports

Overview

overview

Static

static

8

45f88f5920...c1.exe

windows7_x64

45f88f5920...c1.exe

windows10-2004_x64

Sharing

General

Target

45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1
Size

5.8MB
Sample

220708-s6etraagf7
MD5

0b1a7fe06cc33b9e4d80c8aebf2c239c
SHA1

ce7e874b1b06eaeed3ab54687815784111ebb034
SHA256

45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1
SHA512

e19692e28b1c653d2defb297dad3f73830b16512e2ea4cb3edb9e1c0b4dba8ebd68573dbbc9ab8ebaff5ad25533596effc8206e0d3028700b35c1e8cc6f71006

Score

10^/10

pandastealer spyware stealer vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1.exe

Resource

win7-20220414-en

pandastealer spyware stealer vmprotect

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1.exe

Resource

win10v2004-20220414-en

pandastealer spyware stealer vmprotect

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1
- Size
  
  5.8MB
- MD5
  
  0b1a7fe06cc33b9e4d80c8aebf2c239c
- SHA1
  
  ce7e874b1b06eaeed3ab54687815784111ebb034
- SHA256
  
  45f88f59207111a08807bd65ee2016df002f7968753700c60e4c615378ec74c1
- SHA512
  
  e19692e28b1c653d2defb297dad3f73830b16512e2ea4cb3edb9e1c0b4dba8ebd68573dbbc9ab8ebaff5ad25533596effc8206e0d3028700b35c1e8cc6f71006
Score

10^/10

pandastealer spyware stealer vmprotect
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

pandastealerspywarestealervmprotect

behavioral2

pandastealerspywarestealervmprotect

© 2018-2024

Terms | Privacy