Analysis
- max time kernel: 118s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240319-en
- resource tags: arch:x64, arch:x86, image:win7-20240319-en, locale:en-us, os:windows7-x64, system
- submitted: 17-04-2024 14:23
Behavioral task: behavioral1
- Sample: f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe
- Resource: win7-20240319-en
Behavioral task: behavioral2
- Sample: f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe
- Resource: win10v2004-20240412-en
General
- Target: f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe
- Size: 689KB
- MD5: f5f93b480a4ca583092b496be670cab9
- SHA1: 7599346d4289e30e379d7b66d56bb85bb1d70c7b
- SHA256: 62d0df3e2034c38c55163ea9a5e6c972416a39a3dac53fecea54fec272301fdc
- SHA512: 8de0eb7c0923b3623ddf23af15d87dcbb516c621667a141de3695a72ae5a0b09b3a995a3ad9a6cd417c6d165c6efbbb1dc25a5a89d7c15561ec9db6885892786
- SSDEEP: 12288:oHaUzb/8R/oQQXew/1boTID5jra/W9K4RHzFOMMW3SMyvnuZIGiYBXlwFwQy5A:oHa2w/YOw/Vo0D5jra/hUFOKn+dy5A
Malware Config
Signatures
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
- Reads user/profile data of web browsers (2 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.
- Suspicious behavior: EnumeratesProcesses (1 IoCs)
  pid: 2880, Process: f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe