pandastealer | 5bfd7eae5ad25befd314c183473eeaca4e87e3e2aefda5e34649e202b81a6f48 | Triage

Sharing

General

Target

file.exe
Size

673KB
Sample

230426-abftfsdg97
MD5

6cfcbdf4670f3ae5abd5942a36dd5a95
SHA1

4dcf567d82a02957e2e2c3160c2f7e23ef2f1247
SHA256

5bfd7eae5ad25befd314c183473eeaca4e87e3e2aefda5e34649e202b81a6f48
SHA512

4d61f08109ade0bd2fb5c283d6a41183e5a49982c225c94bd821fdd82c234c1fbc8e7da7136e2fc39c6eb99f4a558fdb930074bf8642c51782de4c0c97921090
SSDEEP

12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+i:VoJEKZ6IEGTMxapRl2PSwHTehy6BP+pQ

Score

10^/10

pandastealer spyware stealer

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://thisisgenk.temp.swtest.ru

Targets

- Target
  
  file.exe
- Size
  
  673KB
- MD5
  
  6cfcbdf4670f3ae5abd5942a36dd5a95
- SHA1
  
  4dcf567d82a02957e2e2c3160c2f7e23ef2f1247
- SHA256
  
  5bfd7eae5ad25befd314c183473eeaca4e87e3e2aefda5e34649e202b81a6f48
- SHA512
  
  4d61f08109ade0bd2fb5c283d6a41183e5a49982c225c94bd821fdd82c234c1fbc8e7da7136e2fc39c6eb99f4a558fdb930074bf8642c51782de4c0c97921090
- SSDEEP
  
  12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+i:VoJEKZ6IEGTMxapRl2PSwHTehy6BP+pQ
Score

10^/10

pandastealer spyware stealer
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

pandastealerspywarestealer

behavioral2

pandastealerspywarestealer