Analysis

max time kernel: 91s
max time network: 127s
platform: windows10-2004_x64
resource: win10v2004-20230220-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
submitted: 26-04-2023 00:02
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230220-en (windows7-x64)
3 signatures, 150 seconds

Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20230220-en (windows10-2004-x64)
3 signatures, 150 seconds
General

Target: file.exe
Size: 673KB
MD5: 6cfcbdf4670f3ae5abd5942a36dd5a95
SHA1: 4dcf567d82a02957e2e2c3160c2f7e23ef2f1247
SHA256: 5bfd7eae5ad25befd314c183473eeaca4e87e3e2aefda5e34649e202b81a6f48
SHA512: 4d61f08109ade0bd2fb5c283d6a41183e5a49982c225c94bd821fdd82c234c1fbc8e7da7136e2fc39c6eb99f4a558fdb930074bf8642c51782de4c0c97921090
SSDEEP: 12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+i:VoJEKZ6IEGTMxapRl2PSwHTehy6BP+pQ

Score: 10/10
Malware Config

Signatures

PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.

Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials etc.

Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid   Process
1868  file.exe
1868  file.exe