pandastealer | 7a97516b3a8eff94b12dbaa5538373921f076b13ac3865d3299749a701510db6 | Triage

Submit
Reports

Overview

overview

Static

static

1

ffc21cddf5...18.exe

windows7-x64

ffc21cddf5...18.exe

windows10-2004-x64

Sharing

General

Target

ffc21cddf522b1800d41b4a41da2c24e_JaffaCakes118
Size

3.4MB
Sample

240930-cs1w3asgqq
MD5

ffc21cddf522b1800d41b4a41da2c24e
SHA1

bdcbe7b199cb8531b2262c37d3e535ffc5aa72e7
SHA256

7a97516b3a8eff94b12dbaa5538373921f076b13ac3865d3299749a701510db6
SHA512

9479f902ee5a70bc76a44e418a9a012024ba88dcc8f7b02acdb414f61516bfe0e5c41c2f52f591b8d201612b26021d853a68261eeb6c072dcb969d270e7b5079
SSDEEP

98304:oTLr/vwnSlGuICx42P2ivKIrZzOMIobLCWe0M+v/1:o3rGcGskinrZ9CQX

Score

10^/10

pandastealer discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

ffc21cddf522b1800d41b4a41da2c24e_JaffaCakes118.exe

Resource

win7-20240903-en

pandastealer discovery stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffc21cddf522b1800d41b4a41da2c24e_JaffaCakes118.exe

Resource

win10v2004-20240802-en

pandastealer discovery stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ffc21cddf522b1800d41b4a41da2c24e_JaffaCakes118
- Size
  
  3.4MB
- MD5
  
  ffc21cddf522b1800d41b4a41da2c24e
- SHA1
  
  bdcbe7b199cb8531b2262c37d3e535ffc5aa72e7
- SHA256
  
  7a97516b3a8eff94b12dbaa5538373921f076b13ac3865d3299749a701510db6
- SHA512
  
  9479f902ee5a70bc76a44e418a9a012024ba88dcc8f7b02acdb414f61516bfe0e5c41c2f52f591b8d201612b26021d853a68261eeb6c072dcb969d270e7b5079
- SSDEEP
  
  98304:oTLr/vwnSlGuICx42P2ivKIrZzOMIobLCWe0M+v/1:o3rGcGskinrZ9CQX
Score

10^/10

pandastealer discovery stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

pandastealerdiscoverystealer

behavioral2

pandastealerdiscoverystealer

© 2018-2024

Terms | Privacy