Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
26-04-2023 00:05
General
-
Target
0x0004000000000741-151.exe
-
Size
681KB
-
MD5
43aa2880830859585b3c6a15e915b8db
-
SHA1
6780b3f4d54a43b22223629e14c676addb3ac400
-
SHA256
378f2b1055dd7f1a150e0d86889b9bd3336225e38fc3c8cafb390ebf347ad46d
-
SHA512
6d35bd792aefe5c1b42caae9e50ed66967a74bb476985e17d3a5bc8d6b87111b7bb1af56cb216bff24f056da33bc14c4bddc81fabbfa07d569bab98ec679289d
-
SSDEEP
12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+2:VoJEKZ6IEGTMxapRl2PSwHTehy6BP+p4
Score
10/10
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0x0004000000000741-151.exe"C:\Users\Admin\AppData\Local\Temp\0x0004000000000741-151.exe"1⤵
- Suspicious behavior: EnumeratesProcesses