pandastealer | 1deff3018628c28bea0312b3e126a2138a934edec119134e3a6cca7bb0aefa5e | Triage

Submit
Reports

Overview

overview

Static

static

1

000165.exe

windows7-x64

000165.exe

windows10-2004-x64

Resubmissions

27-02-2023 17:20

230227-vww2dseg95 10

27-02-2023 17:14

230227-vrzlqaee6t 10

Sharing

General

Target

000165.ldb
Size

1.9MB
Sample

230227-vrzlqaee6t
MD5

ba7115a88a1f3f2abcbcbb40e9093505
SHA1

57b57c3b158055925979b7154326a1b8ecda03f4
SHA256

1deff3018628c28bea0312b3e126a2138a934edec119134e3a6cca7bb0aefa5e
SHA512

3d2d9cf68dea8bb4e5234b396f6e9e67e79cbd196ce640cb936a8a415c9b37cae9e9989f4b272b295f47fd65a32d92423e63abe30045bc12885db0ba249e4330
SSDEEP

49152:ABRAIJEM7Y4c8qOwlYb6pJL89eHWQQPlZlJ7:aLh73EmbKp89KhClZ/

Score

10^/10

pandastealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

000165.exe

Resource

win7-20230220-en

pandastealer stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

000165.exe

Resource

win10v2004-20230220-en

pandastealer stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  000165.ldb
- Size
  
  1.9MB
- MD5
  
  ba7115a88a1f3f2abcbcbb40e9093505
- SHA1
  
  57b57c3b158055925979b7154326a1b8ecda03f4
- SHA256
  
  1deff3018628c28bea0312b3e126a2138a934edec119134e3a6cca7bb0aefa5e
- SHA512
  
  3d2d9cf68dea8bb4e5234b396f6e9e67e79cbd196ce640cb936a8a415c9b37cae9e9989f4b272b295f47fd65a32d92423e63abe30045bc12885db0ba249e4330
- SSDEEP
  
  49152:ABRAIJEM7Y4c8qOwlYb6pJL89eHWQQPlZlJ7:aLh73EmbKp89KhClZ/
Score

10^/10

pandastealer stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

pandastealerstealer

behavioral2

pandastealerstealer

© 2018-2024

Terms | Privacy