Analysis
- max time kernel: 151s
- max time network: 157s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 07-11-2022 16:56
Behavioral task behavioral1
- Sample: 740554cb974f32f7542251b70cbafb6a.exe
- Resource: win7-20220812-en
Behavioral task behavioral2
- Sample: 740554cb974f32f7542251b70cbafb6a.exe
- Resource: win10v2004-20220812-en
General
- Target: 740554cb974f32f7542251b70cbafb6a.exe
- Size: 681KB
- MD5: 740554cb974f32f7542251b70cbafb6a
- SHA1: 15b5556c763412afbd882a2876fb85bad7a4d55c
- SHA256: 431fd6d04bb3e1c1dfb5ffc096246c3321fd467a110433640823f9ea5c90751d
- SHA512: 3eb17f1158023a7478c7a526c17a90f0bd34ff60d31e87d9c19cde7225b8549d4665eb9c8e2f992b29aa4803c646fb19d04fe54204e116463cf8d5ef8f3efc76
- SSDEEP: 12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlWjOz+2:VoJEKZ6IEGTMxapRl2PSwHTehy6BN+p4
Malware Config
Signatures
- PandaStealer: Panda Stealer is a fork of CollectorProject Stealer written in C++.
- Reads user/profile data of web browsers (2 TTPs): Infostealers often target stored browser data, which can include saved credentials etc.
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: 740554cb974f32f7542251b70cbafb6a.exe
pid   process
4092  740554cb974f32f7542251b70cbafb6a.exe
4092  740554cb974f32f7542251b70cbafb6a.exe