Analysis
-
max time kernel
42s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system -
submitted
01-09-2022 15:26
Behavioral task
behavioral1
Sample
129d13a1399065a46b8fc48b4f9252285ef592e4f96b15b2238b44cca1646f10.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
129d13a1399065a46b8fc48b4f9252285ef592e4f96b15b2238b44cca1646f10.exe
Resource
win10v2004-20220901-en
General
-
Target
129d13a1399065a46b8fc48b4f9252285ef592e4f96b15b2238b44cca1646f10.exe
-
Size
681KB
-
MD5
7aa52a13fa4cd67258a81acb18bec8ad
-
SHA1
146377332b9bade3a1512326b385f8950004d25f
-
SHA256
129d13a1399065a46b8fc48b4f9252285ef592e4f96b15b2238b44cca1646f10
-
SHA512
11de25de8273964b84e52ec7862ea19b6e01eb5e5147a6113cd5a092e0b7356c9d8540e94ec38448753a8bf8c0f62cabd4af585dafebbf54d749c2a9acbc4a7f
-
SSDEEP
12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlfjOz+2:VoJEKZ6IEGTMxapRl2PSwHTehy6BU+p4
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
129d13a1399065a46b8fc48b4f9252285ef592e4f96b15b2238b44cca1646f10.exe
pid process
1956 129d13a1399065a46b8fc48b4f9252285ef592e4f96b15b2238b44cca1646f10.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
memory/1956-54-0x0000000075141000-0x0000000075143000-memory.dmp
Filesize
8KB