pandastealer | 09a846ea5ba6332a6b891658eba7626da595a04c34bb2a43d650a1ffdbcd08df | Triage

Submit
Reports

Overview

overview

Static

static

CollectorStealer.zip

windows10-2004-x64

Sharing

General

Target

CollectorStealer.zip
Size

2.0MB
Sample

231107-varvjsbh7z
MD5

d7451e31ff76dfca20ad7ff211b1d272
SHA1

1a3ecbe97af6d628163ce4fcd7e9d18668fa263a
SHA256

09a846ea5ba6332a6b891658eba7626da595a04c34bb2a43d650a1ffdbcd08df
SHA512

4175d698574506ef17bbd7d7a63723a0a1c0563d858ca7b083232aaa7bf13af15facdbf87b44bb010cdd973e2b5282f7d5d62766e8091b09eebdcc705ebb8aa0
SSDEEP

49152:130B9wcSzZaEs8aEWf5cgf1ey2C7BulzbulzmHw7E9aut:pcEs8aVf5cgtedQBqzbqzmHEE9/t

Score

10^/10

pandastealer persistence stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

CollectorStealer.zip

Resource

win10v2004-20231023-en

pandastealer persistence stealer

windows10-2004-x64

18 signatures

1800 seconds

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://crimestreetsru.ru.xsph.ru

http://a0680922.xsph.ru

Targets

- Target
  
  CollectorStealer.zip
- Size
  
  2.0MB
- MD5
  
  d7451e31ff76dfca20ad7ff211b1d272
- SHA1
  
  1a3ecbe97af6d628163ce4fcd7e9d18668fa263a
- SHA256
  
  09a846ea5ba6332a6b891658eba7626da595a04c34bb2a43d650a1ffdbcd08df
- SHA512
  
  4175d698574506ef17bbd7d7a63723a0a1c0563d858ca7b083232aaa7bf13af15facdbf87b44bb010cdd973e2b5282f7d5d62766e8091b09eebdcc705ebb8aa0
- SSDEEP
  
  49152:130B9wcSzZaEs8aEWf5cgf1ey2C7BulzbulzmHw7E9aut:pcEs8aVf5cgtedQBqzbqzmHEE9/t
Score

10^/10

pandastealer persistence stealer
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

pandastealerpersistencestealer

© 2018-2024

Terms | Privacy