Overview

overview

10

Static

static

10

BFDFC7BDB3...EB.exe

windows7-x64

10

BFDFC7BDB3...EB.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BFDFC7BDB3890683E8D3B5F3D9CAE5048DE3CBEDEBF223E4B9B732B096917BEB.exe

  • Size

    562KB

  • Sample

    240724-zxqyzszemb

  • MD5

    f5ce2d7efe8c3aaed87ec7e8adc05f03

  • SHA1

    693bb3cb67684e2b8b73956431b35b97dad92f15

  • SHA256

    cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135

  • SHA512

    c47ef59080a18c91558685e5526a9e7dd1721e76cea931d947ecec70ee2252d2528332f7b31b8726185dfd220f497ffeb6ef705e3c9ce3aa9146b9c3d6397e16

  • SSDEEP

    12288:J7vT8cGUCZmxIwNjVGCXZqmmJUE/JHkdIUnjoqhPkw4d:Jz4BUCZmxIw1VGCXZ5mJ1kdZnBhY

Score
10/10
pandastealerphoenixstealeraspackv2discoverystealer

Malware Config

Targets

    • Target

      BFDFC7BDB3890683E8D3B5F3D9CAE5048DE3CBEDEBF223E4B9B732B096917BEB.exe

    • Size

      562KB

    • MD5

      f5ce2d7efe8c3aaed87ec7e8adc05f03

    • SHA1

      693bb3cb67684e2b8b73956431b35b97dad92f15

    • SHA256

      cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135

    • SHA512

      c47ef59080a18c91558685e5526a9e7dd1721e76cea931d947ecec70ee2252d2528332f7b31b8726185dfd220f497ffeb6ef705e3c9ce3aa9146b9c3d6397e16

    • SSDEEP

      12288:J7vT8cGUCZmxIwNjVGCXZqmmJUE/JHkdIUnjoqhPkw4d:Jz4BUCZmxIw1VGCXZ5mJ1kdZnBhY

    Score
    10/10
    pandastealerphoenixstealeraspackv2discoverystealer

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • PhoenixStealer

      PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.

      stealerphoenixstealer

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks