pandastealer | 9bc1fa4aa23929432bacc24f05512c2df0e5672dd9e4159fc476829187af2b4e | Triage

Submit
Reports

Overview

overview

Static

static

3

38d4296c2d...15.exe

windows7-x64

38d4296c2d...15.exe

windows10-2004-x64

Sharing

General

Target

38d4296c2dda38d5b6ed29962c3a9f15
Size

736KB
Sample

231231-q78gcagfek
MD5

38d4296c2dda38d5b6ed29962c3a9f15
SHA1

dbcb27211e5cddab65ddca6915bcffcf27240cde
SHA256

9bc1fa4aa23929432bacc24f05512c2df0e5672dd9e4159fc476829187af2b4e
SHA512

49dcee5f2f4f272ae9358576d2897dd7609ac82fd40f85aead134768c3fc8dd1320b5042ea19548e8e9e272adf6845ebad1f498bd4447e6767973bbf012106a9
SSDEEP

12288:3GUeFU78kDDZF6foLZMnhBW8+F+dIgFZ0VrIYwNNN/Nlj:aFUIkDNF6gLZMhUXFCv0q3NN1l

Score

10^/10

pandastealer spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

38d4296c2dda38d5b6ed29962c3a9f15.exe

Resource

win7-20231215-en

pandastealer stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

38d4296c2dda38d5b6ed29962c3a9f15.exe

Resource

win10v2004-20231215-en

pandastealer spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://vpn-topusa.info

Targets

- Target
  
  38d4296c2dda38d5b6ed29962c3a9f15
- Size
  
  736KB
- MD5
  
  38d4296c2dda38d5b6ed29962c3a9f15
- SHA1
  
  dbcb27211e5cddab65ddca6915bcffcf27240cde
- SHA256
  
  9bc1fa4aa23929432bacc24f05512c2df0e5672dd9e4159fc476829187af2b4e
- SHA512
  
  49dcee5f2f4f272ae9358576d2897dd7609ac82fd40f85aead134768c3fc8dd1320b5042ea19548e8e9e272adf6845ebad1f498bd4447e6767973bbf012106a9
- SSDEEP
  
  12288:3GUeFU78kDDZF6foLZMnhBW8+F+dIgFZ0VrIYwNNN/Nlj:aFUIkDNF6gLZMhUXFCv0q3NN1l
Score

10^/10

pandastealer stealer spyware
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

pandastealerstealer

behavioral2

pandastealerspywarestealer

© 2018-2024

Terms | Privacy