General

  • Target

    9b80f5c9c1cd7d2d13d6c41d35e0c21f

  • Size

    5.6MB

  • Sample

    240214-m5mv3sge4z

  • MD5

    9b80f5c9c1cd7d2d13d6c41d35e0c21f

  • SHA1

    6df7b192b2c140552feaf951090ca54a01640f77

  • SHA256

    62a1d37c063d4835060b531f903bc99d8f807e8f52077e6ece25c8f53af84d74

  • SHA512

    1b6a33ae5275653eaafeeba81e0cf1df466a0a6e66647f662765cccb28c122d1a9d22baa977f623ac6b094c0e064e434f6981261136343209de2b3375f9cd609

  • SSDEEP

    98304:jO2z45deXEXN1NLNsI2xebYryeeKQsJ4rPB2EAV5ZEseq3q9/A7Co8+klmxKw:i2z45XXN1T2xebYpeKHJwP0KPq3kAmoF

Malware Config

Targets

    • Target

      9b80f5c9c1cd7d2d13d6c41d35e0c21f

    • Size

      5.6MB

    • MD5

      9b80f5c9c1cd7d2d13d6c41d35e0c21f

    • SHA1

      6df7b192b2c140552feaf951090ca54a01640f77

    • SHA256

      62a1d37c063d4835060b531f903bc99d8f807e8f52077e6ece25c8f53af84d74

    • SHA512

      1b6a33ae5275653eaafeeba81e0cf1df466a0a6e66647f662765cccb28c122d1a9d22baa977f623ac6b094c0e064e434f6981261136343209de2b3375f9cd609

    • SSDEEP

      98304:jO2z45deXEXN1NLNsI2xebYryeeKQsJ4rPB2EAV5ZEseq3q9/A7Co8+klmxKw:i2z45XXN1T2xebYpeKHJwP0KPq3kAmoF

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Shurk

      Shurk is an infostealer, written in C++ which appeared in 2021.

    • Shurk Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks