General
-
Target
MidNight - CRACKED.exe
-
Size
1.0MB
-
Sample
230207-gp1t4shf45
-
MD5
58ca1e23ef8de741043ccb41431b091a
-
SHA1
aca6ff224cc2d42dc14d66123bc018a10cd27445
-
SHA256
e52afa16e426ed5b530dc3fc1bcac33dc99ca772ff841b7c0bbbf93e4e7c7fed
-
SHA512
ba90b03bb76b45f79824d8ff415872f3a230b2dd0d50cf644938b2179d16d7dc09ffe5aa048cad089229ba84f7dd8167af747c98d0b6c70eb24208cd8e867c56
-
SSDEEP
24576:rTbBv5rUWXm04zMPIPhA53hJTB4tniG+tNd7:1B3m7/50NWt+/t
Malware Config
Targets
-
-
Target
MidNight - CRACKED.exe
-
Size
1.0MB
-
MD5
58ca1e23ef8de741043ccb41431b091a
-
SHA1
aca6ff224cc2d42dc14d66123bc018a10cd27445
-
SHA256
e52afa16e426ed5b530dc3fc1bcac33dc99ca772ff841b7c0bbbf93e4e7c7fed
-
SHA512
ba90b03bb76b45f79824d8ff415872f3a230b2dd0d50cf644938b2179d16d7dc09ffe5aa048cad089229ba84f7dd8167af747c98d0b6c70eb24208cd8e867c56
-
SSDEEP
24576:rTbBv5rUWXm04zMPIPhA53hJTB4tniG+tNd7:1B3m7/50NWt+/t
Score10/10-
Panda Stealer payload
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-