pandastealer | e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9 | Triage

Submit
Reports

Overview

overview

Static

static

e9ec3e26c9...f9.exe

windows7-x64

1

e9ec3e26c9...f9.exe

windows10-2004-x64

Sharing

General

Target

e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9
Size

1.4MB
Sample

221013-bvw58aaee8
MD5

86586f68d3f31daf46c17fb3e7c6d898
SHA1

53e5a38d40031f7b1e98787ac9726b5b09671cad
SHA256

e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9
SHA512

69bf463091c1a55c9ebdbe344104b9114004354b3a83a9eb76f56685dd39bb19e8443f5dc0ee1afb15f4d791d0719f5536f6eec8d24d2cb1e5e9801a32f3dfda
SSDEEP

24576:EFy6K3oR28fpldrwETCB3l/1w/c8t7s+vd2DWF:EFG4R9fpXJeX1VhNw

Score

10^/10

pandastealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9.exe

Resource

win10v2004-20220812-en

pandastealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://en.veres-m.hu

Targets

- Target
  
  e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9
- Size
  
  1.4MB
- MD5
  
  86586f68d3f31daf46c17fb3e7c6d898
- SHA1
  
  53e5a38d40031f7b1e98787ac9726b5b09671cad
- SHA256
  
  e9ec3e26c9055bbd0ea512a581c3cfb872819a30f6ed985cfc2841e6f204a1f9
- SHA512
  
  69bf463091c1a55c9ebdbe344104b9114004354b3a83a9eb76f56685dd39bb19e8443f5dc0ee1afb15f4d791d0719f5536f6eec8d24d2cb1e5e9801a32f3dfda
- SSDEEP
  
  24576:EFy6K3oR28fpldrwETCB3l/1w/c8t7s+vd2DWF:EFG4R9fpXJeX1VhNw
Score

10^/10

pandastealer spyware stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

pandastealerspywarestealer

© 2018-2024

Terms | Privacy