pandastealer | e6a7ff28239ac9e90f17ee80ccb7983dd855996550fd3455ae6de207f8c1b9d1 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

General

Target

e6a7ff28239ac9e90f17ee80ccb7983dd855996550fd3455ae6de207f8c1b9d1
Size

186KB
Sample

230212-ywnlssgc57
MD5

45bcfc437dfd82db45e754202cfcc584
SHA1

792d70be144185f6e783c470d8933f71f550aa9d
SHA256

e6a7ff28239ac9e90f17ee80ccb7983dd855996550fd3455ae6de207f8c1b9d1
SHA512

1d3315a0eceff56830c8ba015f20df514250c820c3d856fae53579b3c2ce11719f9368281bf2246b3098c66041d1f459ab420fbb131f0dad587a1a4eb64d3b50
SSDEEP

3072:y7tia+HuC15668TJzvokJ+/6Zq1QDoWjPwiyN:MTC0DN0kc/Eq3WVy

Score

10^/10

pandastealer smokeloader backdoor stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

e6a7ff28239ac9e90f17ee80ccb7983dd855996550fd3455ae6de207f8c1b9d1.exe

Resource

win10-20220901-en

pandastealer smokeloader backdoor stealer trojan

windows10-1703-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  e6a7ff28239ac9e90f17ee80ccb7983dd855996550fd3455ae6de207f8c1b9d1
- Size
  
  186KB
- MD5
  
  45bcfc437dfd82db45e754202cfcc584
- SHA1
  
  792d70be144185f6e783c470d8933f71f550aa9d
- SHA256
  
  e6a7ff28239ac9e90f17ee80ccb7983dd855996550fd3455ae6de207f8c1b9d1
- SHA512
  
  1d3315a0eceff56830c8ba015f20df514250c820c3d856fae53579b3c2ce11719f9368281bf2246b3098c66041d1f459ab420fbb131f0dad587a1a4eb64d3b50
- SSDEEP
  
  3072:y7tia+HuC15668TJzvokJ+/6Zq1QDoWjPwiyN:MTC0DN0kc/Eq3WVy
Score

10^/10

pandastealer smokeloader backdoor stealer trojan
- Detects Smokeloader packer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Deletes itself
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

pandastealersmokeloaderbackdoorstealertrojan

© 2018-2024

Terms | Privacy