pandastealer | e52afa16e426ed5b530dc3fc1bcac33dc99ca772ff841b7c0bbbf93e4e7c7fed | Triage

Submit
Reports

Overview

overview

Static

static

1

MidNight -...ED.exe

windows7-x64

MidNight -...ED.exe

windows10-2004-x64

Resubmissions

17-02-2024 06:01

240217-gq6rrace36 10

07-02-2023 05:59

230207-gp1t4shf45 10

Sharing

General

Target

MidNight - CRACKED.exe
Size

1.0MB
Sample

230207-gp1t4shf45
MD5

58ca1e23ef8de741043ccb41431b091a
SHA1

aca6ff224cc2d42dc14d66123bc018a10cd27445
SHA256

e52afa16e426ed5b530dc3fc1bcac33dc99ca772ff841b7c0bbbf93e4e7c7fed
SHA512

ba90b03bb76b45f79824d8ff415872f3a230b2dd0d50cf644938b2179d16d7dc09ffe5aa048cad089229ba84f7dd8167af747c98d0b6c70eb24208cd8e867c56
SSDEEP

24576:rTbBv5rUWXm04zMPIPhA53hJTB4tniG+tNd7:1B3m7/50NWt+/t

Score

10^/10

pandastealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

MidNight - CRACKED.exe

Resource

win7-20220812-en

pandastealer spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

MidNight - CRACKED.exe

Resource

win10v2004-20220812-en

pandastealer stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  MidNight - CRACKED.exe
- Size
  
  1.0MB
- MD5
  
  58ca1e23ef8de741043ccb41431b091a
- SHA1
  
  aca6ff224cc2d42dc14d66123bc018a10cd27445
- SHA256
  
  e52afa16e426ed5b530dc3fc1bcac33dc99ca772ff841b7c0bbbf93e4e7c7fed
- SHA512
  
  ba90b03bb76b45f79824d8ff415872f3a230b2dd0d50cf644938b2179d16d7dc09ffe5aa048cad089229ba84f7dd8167af747c98d0b6c70eb24208cd8e867c56
- SSDEEP
  
  24576:rTbBv5rUWXm04zMPIPhA53hJTB4tniG+tNd7:1B3m7/50NWt+/t
Score

10^/10

pandastealer spyware stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

pandastealerspywarestealer

behavioral2

pandastealerstealer

© 2018-2024

Terms | Privacy