Overview

overview

10

Static

static

1

000165.exe

windows7-x64

10

000165.exe

windows10-2004-x64

10

Resubmissions

27-02-2023 17:20

230227-vww2dseg95 10

27-02-2023 17:14

230227-vrzlqaee6t 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    000165.ldb

  • Size

    1.9MB

  • Sample

    230227-vww2dseg95

  • MD5

    ba7115a88a1f3f2abcbcbb40e9093505

  • SHA1

    57b57c3b158055925979b7154326a1b8ecda03f4

  • SHA256

    1deff3018628c28bea0312b3e126a2138a934edec119134e3a6cca7bb0aefa5e

  • SHA512

    3d2d9cf68dea8bb4e5234b396f6e9e67e79cbd196ce640cb936a8a415c9b37cae9e9989f4b272b295f47fd65a32d92423e63abe30045bc12885db0ba249e4330

  • SSDEEP

    49152:ABRAIJEM7Y4c8qOwlYb6pJL89eHWQQPlZlJ7:aLh73EmbKp89KhClZ/

Score
10/10
pandastealerstealer

Malware Config

Targets

    • Target

      000165.ldb

    • Size

      1.9MB

    • MD5

      ba7115a88a1f3f2abcbcbb40e9093505

    • SHA1

      57b57c3b158055925979b7154326a1b8ecda03f4

    • SHA256

      1deff3018628c28bea0312b3e126a2138a934edec119134e3a6cca7bb0aefa5e

    • SHA512

      3d2d9cf68dea8bb4e5234b396f6e9e67e79cbd196ce640cb936a8a415c9b37cae9e9989f4b272b295f47fd65a32d92423e63abe30045bc12885db0ba249e4330

    • SSDEEP

      49152:ABRAIJEM7Y4c8qOwlYb6pJL89eHWQQPlZlJ7:aLh73EmbKp89KhClZ/

    Score
    10/10
    pandastealerstealer

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks