General

  • Target

    Discord Nitro Generator + Checker.zip

  • Size

    367KB

  • Sample

    240222-qakzsahf81

  • MD5

    6d037001b224adbafb9203e28412528a

  • SHA1

    060162104120846e031a246cf7d602e2803c4e94

  • SHA256

    11509d1c300588a8176d444e1d9971db236ec3a040d57706e54a6eb8a58271ed

  • SHA512

    4c8d2972e875414527566bc64d407dcc59974c513dd996f3f43df052d6daa9cf8531a6b1b1014978863bc80c7d273ad6bffbdec3888193eacc7749a47fa1d4b5

  • SSDEEP

    6144:6VTreI7gzWsZh36XJS3htzEPLRgcnEwj5CSFfg5kTDWh20/Q/tWdCvaze+:yneWqx6SxtzEPLRgcnEWrFY5kWU0IlW1

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://cocojambo.collector-steal.ga

Targets

    • Target

      Discord Nitro Generator + Checker.exe

    • Size

      681KB

    • MD5

      326ec775fb8fa48082c18248864674e8

    • SHA1

      062751ef1949f75f25a23e278e18a1105b9149fa

    • SHA256

      88b0a2344d8c7433afb364f5d0fb67301ddb6948613a4cb3a9e023e7b2080d82

    • SHA512

      cea1e2f0b5ef81818e1c0958ad37d56cf89f532fba1e2bef2047129a9421e3bc66eff7682f69dd2f46dd5b67715ccb373b19cd9c0831b62b2344a5d803478379

    • SSDEEP

      12288:VoJqNkPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+2:VoJE+Z6IEGTMxapRl2PSwHTehy6BD+p4

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks