Overview

overview

10

Static

static

3

6622163d43...18.exe

windows7-x64

10

6622163d43...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6622163d43a78bd366317503f39d94bb_JaffaCakes118

  • Size

    36KB

  • Sample

    241021-kcemwsycmj

  • MD5

    6622163d43a78bd366317503f39d94bb

  • SHA1

    326396b74f133f57a7dcef88173661fdea381a98

  • SHA256

    bd5360469b8626b95211a085d69a8fa2e668cdb726b328393664c33ed109e145

  • SHA512

    28e3334f02d97e62b0a5d11ab718099f03d5a511105a4d24d6d49be5b4d786cbef2d8a1733a0d8aa1e06b4abc70546fc277f147b56a3e066c4f131ea986f9d9e

  • SSDEEP

    384:rYRAK0LOSspxdHfj5NfZuShuuyu1b+rdkjAd1mVJcD1P:rYJOOtR73h3yu1EKcdicD

Score
10/10
pandastealerdiscoverymacromacro_on_actionspywarestealer

Malware Config

Targets

    • Target

      6622163d43a78bd366317503f39d94bb_JaffaCakes118

    • Size

      36KB

    • MD5

      6622163d43a78bd366317503f39d94bb

    • SHA1

      326396b74f133f57a7dcef88173661fdea381a98

    • SHA256

      bd5360469b8626b95211a085d69a8fa2e668cdb726b328393664c33ed109e145

    • SHA512

      28e3334f02d97e62b0a5d11ab718099f03d5a511105a4d24d6d49be5b4d786cbef2d8a1733a0d8aa1e06b4abc70546fc277f147b56a3e066c4f131ea986f9d9e

    • SSDEEP

      384:rYRAK0LOSspxdHfj5NfZuShuuyu1b+rdkjAd1mVJcD1P:rYJOOtR73h3yu1EKcdicD

    Score
    10/10
    pandastealerdiscoverymacromacro_on_actionspywarestealer

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

      stealerpandastealer

    • Office macro that triggers on suspicious action

      Office document macro which triggers in special circumstances - often malicious.

      macromacro_on_action

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks