General

  • Target

    1ef885180b8c94fde6c5e565f6db81b4_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241008-ce3thataqm

  • MD5

    1ef885180b8c94fde6c5e565f6db81b4

  • SHA1

    33050d1789d3c546120de50d50590c10419e8617

  • SHA256

    a8068ff1d828406bdf89fc700bb6f4beac215ee18248f0afe3dbb451253b6d37

  • SHA512

    cb71808409587efbdad2d41223838c9c3a706547bb24240eba51c7c1d8dcafac77314c4367cb73a96c5410860afa00064add4912310a179930c9c198b986d142

  • SSDEEP

    24576:1QBRDxAlCXxX87wsRL+74l/LwwehUofEvC2eEgN/K3vuI5akK5C3:u3DSlCXSN6Y/Lx/ofWMnq

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks for any installed AV software in registry

MITRE ATT&CK Enterprise v15

Tasks