General
-
Target
0x000500000000073b-142.dat.bin
-
Size
829KB
-
Sample
230430-2n46csfd24
-
MD5
d7ecaa18abc939e94eb7b751e14c2b2d
-
SHA1
40b6d5eff1347182fcc22ff9a8982282432786bd
-
SHA256
433acf938a74ef9ab5f556679a00963e2d67dc4921281192f6a4d9de485270ae
-
SHA512
15c1cf8195f5d715af1958754fd06693472a649657484bf68198d41dc4931ef48c1c6d092d3bf2dbca68541933b5151fc9b13970d3930b7d2d868d0aaf046f2e
-
SSDEEP
24576:woJEKZ6IEGTMxapRl2PSwHTehy6BP+pXSh0vpB:wouKZ6iMqRl2PSwzehy6cpXSh0vpB
Behavioral task
behavioral1
Sample
0x000500000000073b-142.dat.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
0x000500000000073b-142.dat.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
pandastealer
1.11
http://thisisgenk.temp.swtest.ru
Extracted
pandastealer
Targets
-
-
Target
0x000500000000073b-142.dat.bin
-
Score
10/10
-
Panda Stealer payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-