pandastealer | 11509d1c300588a8176d444e1d9971db236ec3a040d57706e54a6eb8a58271ed | Triage

Sharing

General

Target

Discord Nitro Generator + Checker.zip
Size

367KB
Sample

240412-qjx1psdg6v
MD5

6d037001b224adbafb9203e28412528a
SHA1

060162104120846e031a246cf7d602e2803c4e94
SHA256

11509d1c300588a8176d444e1d9971db236ec3a040d57706e54a6eb8a58271ed
SHA512

4c8d2972e875414527566bc64d407dcc59974c513dd996f3f43df052d6daa9cf8531a6b1b1014978863bc80c7d273ad6bffbdec3888193eacc7749a47fa1d4b5
SSDEEP

6144:6VTreI7gzWsZh36XJS3htzEPLRgcnEwj5CSFfg5kTDWh20/Q/tWdCvaze+:yneWqx6SxtzEPLRgcnEWrFY5kWU0IlW1

Score

10^/10

pandastealer spyware stealer

Malware Config

Extracted

Family

pandastealer

Version

1.11

C2

http://cocojambo.collector-steal.ga

Targets

- Target
  
  Discord Nitro Generator + Checker.exe
- Size
  
  681KB
- MD5
  
  326ec775fb8fa48082c18248864674e8
- SHA1
  
  062751ef1949f75f25a23e278e18a1105b9149fa
- SHA256
  
  88b0a2344d8c7433afb364f5d0fb67301ddb6948613a4cb3a9e023e7b2080d82
- SHA512
  
  cea1e2f0b5ef81818e1c0958ad37d56cf89f532fba1e2bef2047129a9421e3bc66eff7682f69dd2f46dd5b67715ccb373b19cd9c0831b62b2344a5d803478379
- SSDEEP
  
  12288:VoJqNkPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlgjOz+2:VoJE+Z6IEGTMxapRl2PSwHTehy6BD+p4
Score

10^/10

pandastealer spyware stealer
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

pandastealerspywarestealer