pandastealer | 60a9b2c51e2cc25003cb1edc5698e0aa7f1081f874648459fc3dc672c2e36224 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

60a9b2c51e2cc25003cb1edc5698e0aa7f1081f874648459fc3dc672c2e36224
Size

228KB
Sample

230219-v3regsfe9x
MD5

dd450b8cd29046444f8181570fd8901f
SHA1

4d56d35a3a300aef08eb65467f4e7287286e161a
SHA256

60a9b2c51e2cc25003cb1edc5698e0aa7f1081f874648459fc3dc672c2e36224
SHA512

e81bed9347ec9a0c2ab7f76c191c45bfc80f8927b721b81e00ad7145be826aef0ac0eb15c5627ad670fbb5b84ee40b83a28f8fa20b2f3deedf3ebd49ea475f32
SSDEEP

6144:yRkoaLZh5lx6O2pq5KpdYf32I6q4ns4H2:yRfalh569ZU32Xh2

Score

10^/10

pandastealer smokeloader backdoor stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

60a9b2c51e2cc25003cb1edc5698e0aa7f1081f874648459fc3dc672c2e36224.exe

Resource

win10v2004-20220812-en

pandastealer smokeloader backdoor stealer trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  60a9b2c51e2cc25003cb1edc5698e0aa7f1081f874648459fc3dc672c2e36224
- Size
  
  228KB
- MD5
  
  dd450b8cd29046444f8181570fd8901f
- SHA1
  
  4d56d35a3a300aef08eb65467f4e7287286e161a
- SHA256
  
  60a9b2c51e2cc25003cb1edc5698e0aa7f1081f874648459fc3dc672c2e36224
- SHA512
  
  e81bed9347ec9a0c2ab7f76c191c45bfc80f8927b721b81e00ad7145be826aef0ac0eb15c5627ad670fbb5b84ee40b83a28f8fa20b2f3deedf3ebd49ea475f32
- SSDEEP
  
  6144:yRkoaLZh5lx6O2pq5KpdYf32I6q4ns4H2:yRfalh569ZU32Xh2
Score

10^/10

pandastealer smokeloader backdoor stealer trojan
- Detects Smokeloader packer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

pandastealersmokeloaderbackdoorstealertrojan

© 2018-2024

Terms | Privacy