General

  • Target

    67bb394e3f08886c8efcbb095326e668

  • Size

    1016KB

  • Sample

    231226-mm661afehq

  • MD5

    67bb394e3f08886c8efcbb095326e668

  • SHA1

    985f91f46a51a1aba14fe54eff745c1297c95059

  • SHA256

    f98599fb97f7bf78335f2be4b6e1d702dc2f2a5d3ae6ed3e5241d76f7d7a916d

  • SHA512

    02810c59a1b13fb42dc08ab4f742866e53ef0f67af3e4c5dffb7726aa348552eb324dee0bf317b24b9725af12d69b1d6e5509f293f0e8150bc2eddf934c21d18

  • SSDEEP

    24576:KqzOi5P5H/PPt06BU2YjaRYHIV+s/mjlZ:KqzOKR3y6u2BWk+ZjlZ

Malware Config

Targets

    • Target

      67bb394e3f08886c8efcbb095326e668

    • Size

      1016KB

    • MD5

      67bb394e3f08886c8efcbb095326e668

    • SHA1

      985f91f46a51a1aba14fe54eff745c1297c95059

    • SHA256

      f98599fb97f7bf78335f2be4b6e1d702dc2f2a5d3ae6ed3e5241d76f7d7a916d

    • SHA512

      02810c59a1b13fb42dc08ab4f742866e53ef0f67af3e4c5dffb7726aa348552eb324dee0bf317b24b9725af12d69b1d6e5509f293f0e8150bc2eddf934c21d18

    • SSDEEP

      24576:KqzOi5P5H/PPt06BU2YjaRYHIV+s/mjlZ:KqzOKR3y6u2BWk+ZjlZ

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Shurk

      Shurk is an infostealer, written in C++ which appeared in 2021.

    • Shurk Stealer payload

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks