pandastealer | f98599fb97f7bf78335f2be4b6e1d702dc2f2a5d3ae6ed3e5241d76f7d7a916d | Triage

Submit
Reports

Overview

overview

Static

static

1

67bb394e3f...68.exe

windows7-x64

67bb394e3f...68.exe

windows10-2004-x64

Sharing

General

Target

67bb394e3f08886c8efcbb095326e668
Size

1016KB
Sample

231226-mm661afehq
MD5

67bb394e3f08886c8efcbb095326e668
SHA1

985f91f46a51a1aba14fe54eff745c1297c95059
SHA256

f98599fb97f7bf78335f2be4b6e1d702dc2f2a5d3ae6ed3e5241d76f7d7a916d
SHA512

02810c59a1b13fb42dc08ab4f742866e53ef0f67af3e4c5dffb7726aa348552eb324dee0bf317b24b9725af12d69b1d6e5509f293f0e8150bc2eddf934c21d18
SSDEEP

24576:KqzOi5P5H/PPt06BU2YjaRYHIV+s/mjlZ:KqzOKR3y6u2BWk+ZjlZ

Score

10^/10

pandastealer shurk agilenet infostealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

67bb394e3f08886c8efcbb095326e668.exe

Resource

win7-20231215-en

pandastealer shurk agilenet infostealer stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

67bb394e3f08886c8efcbb095326e668.exe

Resource

win10v2004-20231215-en

pandastealer shurk agilenet infostealer stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  67bb394e3f08886c8efcbb095326e668
- Size
  
  1016KB
- MD5
  
  67bb394e3f08886c8efcbb095326e668
- SHA1
  
  985f91f46a51a1aba14fe54eff745c1297c95059
- SHA256
  
  f98599fb97f7bf78335f2be4b6e1d702dc2f2a5d3ae6ed3e5241d76f7d7a916d
- SHA512
  
  02810c59a1b13fb42dc08ab4f742866e53ef0f67af3e4c5dffb7726aa348552eb324dee0bf317b24b9725af12d69b1d6e5509f293f0e8150bc2eddf934c21d18
- SSDEEP
  
  24576:KqzOi5P5H/PPt06BU2YjaRYHIV+s/mjlZ:KqzOKR3y6u2BWk+ZjlZ
Score

10^/10

pandastealer shurk agilenet infostealer stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Shurk
  Shurk is an infostealer, written in C++ which appeared in 2021.
  infostealer shurk
- Shurk Stealer payload
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

pandastealershurkagilenetinfostealerstealer

behavioral2

pandastealershurkagilenetinfostealerstealer

© 2018-2024

Terms | Privacy