General

  • Target

    c9c937d7791010e40713bf9c7812a532.zip

  • Size

    315KB

  • MD5

    80a607383b49efd359052cf5a76846f5

  • SHA1

    f95bb73edce6d9a830433714b92f21ca1d10c29f

  • SHA256

    0c9bb87d9303848373cb387f1705357eef700cdeb900ffee0cbd997a29efa7ae

  • SHA512

    ff7aa88f54db672652dad19b85a47bfab858120d5161a4842c53fe495414893ca8e564691700a884f9625993a19fd356d67d06af5dae8659834c80e1a6abbdcd

  • SSDEEP

    6144:dsfQIfFPGcfyx9KLsr05nRbn6i7X4YnVrx/UoL1485r5:dWQIfwc/dPbn6+oYP8wV

Malware Config

Signatures

  • Detect PhoenixStealer 1 IoCs

    Detect Phoenix Stealer.

  • Panda Stealer payload 1 IoCs
  • Pandastealer family
  • Phoenixstealer family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c9c937d7791010e40713bf9c7812a532.zip
    .zip

    Password: infected

  • 43b21e60d088a3eba1b23f5aac9deb39d86f27a819a2e179a7edbdfd407264af
    .exe windows:6 windows x86 arch:x86

    Password: infected

    06c6e92acd3ff57b00b3132976b3f6d6

