pandastealer

General

Target

cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135.exe
Size

562KB
Sample

240725-gszffswakb
MD5

f5ce2d7efe8c3aaed87ec7e8adc05f03
SHA1

693bb3cb67684e2b8b73956431b35b97dad92f15
SHA256

cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135
SHA512

c47ef59080a18c91558685e5526a9e7dd1721e76cea931d947ecec70ee2252d2528332f7b31b8726185dfd220f497ffeb6ef705e3c9ce3aa9146b9c3d6397e16
SSDEEP

12288:J7vT8cGUCZmxIwNjVGCXZqmmJUE/JHkdIUnjoqhPkw4d:Jz4BUCZmxIw1VGCXZ5mJ1kdZnBhY

Score

10^/10

Malware Config

Targets

- Target
  
  cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135.exe
- Size
  
  562KB
- MD5
  
  f5ce2d7efe8c3aaed87ec7e8adc05f03
- SHA1
  
  693bb3cb67684e2b8b73956431b35b97dad92f15
- SHA256
  
  cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135
- SHA512
  
  c47ef59080a18c91558685e5526a9e7dd1721e76cea931d947ecec70ee2252d2528332f7b31b8726185dfd220f497ffeb6ef705e3c9ce3aa9146b9c3d6397e16
- SSDEEP
  
  12288:J7vT8cGUCZmxIwNjVGCXZqmmJUE/JHkdIUnjoqhPkw4d:Jz4BUCZmxIw1VGCXZ5mJ1kdZnBhY
Score

10^/10

pandastealer phoenixstealer aspackv2 discovery stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- PhoenixStealer
  PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.
  stealer phoenixstealer
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Panda Stealer payload

PhoenixStealer

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2