Overview

overview

10

Static

static

7

9b80f5c9c1...1f.exe

windows7-x64

10

9b80f5c9c1...1f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b80f5c9c1cd7d2d13d6c41d35e0c21f

  • Size

    5.6MB

  • Sample

    240214-m5mv3sge4z

  • MD5

    9b80f5c9c1cd7d2d13d6c41d35e0c21f

  • SHA1

    6df7b192b2c140552feaf951090ca54a01640f77

  • SHA256

    62a1d37c063d4835060b531f903bc99d8f807e8f52077e6ece25c8f53af84d74

  • SHA512

    1b6a33ae5275653eaafeeba81e0cf1df466a0a6e66647f662765cccb28c122d1a9d22baa977f623ac6b094c0e064e434f6981261136343209de2b3375f9cd609

  • SSDEEP

    98304:jO2z45deXEXN1NLNsI2xebYryeeKQsJ4rPB2EAV5ZEseq3q9/A7Co8+klmxKw:i2z45XXN1T2xebYpeKHJwP0KPq3kAmoF

Score
10/10
pandastealershurkinfostealerspywarestealervmprotect

Malware Config

Targets

    • Target

      9b80f5c9c1cd7d2d13d6c41d35e0c21f

    • Size

      5.6MB

    • MD5

      9b80f5c9c1cd7d2d13d6c41d35e0c21f

    • SHA1

      6df7b192b2c140552feaf951090ca54a01640f77

    • SHA256

      62a1d37c063d4835060b531f903bc99d8f807e8f52077e6ece25c8f53af84d74

    • SHA512

      1b6a33ae5275653eaafeeba81e0cf1df466a0a6e66647f662765cccb28c122d1a9d22baa977f623ac6b094c0e064e434f6981261136343209de2b3375f9cd609

    • SSDEEP

      98304:jO2z45deXEXN1NLNsI2xebYryeeKQsJ4rPB2EAV5ZEseq3q9/A7Co8+klmxKw:i2z45XXN1T2xebYpeKHJwP0KPq3kAmoF

    Score
    10/10
    pandastealershurkinfostealerspywarestealervmprotect

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • Shurk

      Shurk is an infostealer, written in C++ which appeared in 2021.

      infostealershurk

    • Shurk Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks