Analysis
-
max time kernel
91s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
16-02-2024 11:01
Behavioral task
behavioral1
Sample
a035d233500d7f10cc87139f43f51cf3.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
a035d233500d7f10cc87139f43f51cf3.exe
Resource
win10v2004-20231215-en
General
-
Target
a035d233500d7f10cc87139f43f51cf3.exe
-
Size
681KB
-
MD5
a035d233500d7f10cc87139f43f51cf3
-
SHA1
46fd3dfd39f98b6f3a201b35eff3e93b8e6ffd4a
-
SHA256
b2feb2b35a2c7173caaf9f2c64004c768cf8f1ab955aa3323fffe084659ec380
-
SHA512
5c419c91ee97e3b2bdfb4cfcb9374cb0f7e062e7911f507869bc48cffc5afc2bdf6e888f6f4d9e11cdd423a306f243f89f43f90fd59f93ca7f3442a50dd6d4bb
-
SSDEEP
12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlXjOz+2:VoJEKZ6IEGTMxapRl2PSwHTehy6Bs+p4
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 1444 a035d233500d7f10cc87139f43f51cf3.exe 1444 a035d233500d7f10cc87139f43f51cf3.exe