Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
26-04-2023 00:02
General
-
Target
file.exe
-
Size
673KB
-
MD5
6cfcbdf4670f3ae5abd5942a36dd5a95
-
SHA1
4dcf567d82a02957e2e2c3160c2f7e23ef2f1247
-
SHA256
5bfd7eae5ad25befd314c183473eeaca4e87e3e2aefda5e34649e202b81a6f48
-
SHA512
4d61f08109ade0bd2fb5c283d6a41183e5a49982c225c94bd821fdd82c234c1fbc8e7da7136e2fc39c6eb99f4a558fdb930074bf8642c51782de4c0c97921090
-
SSDEEP
12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+i:VoJEKZ6IEGTMxapRl2PSwHTehy6BP+pQ
Score
10/10
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\file.exe"C:\Users\Admin\AppData\Local\Temp\file.exe"1⤵
- Suspicious behavior: EnumeratesProcesses