pandastealer | 97a77b367bc2b18d0c694615661df7eddb938a799973878f74123cfef35c7f96 | Triage

Submit
Reports

Overview

overview

Static

static

3

tankiclassic.exe

windows7-x64

Sharing

General

Target

tankiclassic.exe
Size

10.3MB
Sample

241118-v5mjba1fld
MD5

f272cb2b5fa27de6a644b7ac2b8d6f0c
SHA1

49c5c8e079b47f7a10b2a9f6cb0a59c311af3ed9
SHA256

97a77b367bc2b18d0c694615661df7eddb938a799973878f74123cfef35c7f96
SHA512

4c8f024ddb8aa1fa1d4f71aef2fd5f5d9f7819c2adc7059fc31ab08efef7a72282124e8468ce4d4cbabc3a0d3a123ed37848bc164889ab9424e379c3fca72972
SSDEEP

196608:ZzX4XkFw8LrB81ToYTLYcCOrYLKdJb1+LzorWDQiy0KsTDghn:JX4OviH/YuYmdJIoiDgQ/ghn

Score

10^/10

pandastealer discovery phishing stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tankiclassic.exe

Resource

win7-20240903-en

pandastealer discovery phishing stealer

windows7-x64

30 signatures

1800 seconds

Malware Config

Targets

- Target
  
  tankiclassic.exe
- Size
  
  10.3MB
- MD5
  
  f272cb2b5fa27de6a644b7ac2b8d6f0c
- SHA1
  
  49c5c8e079b47f7a10b2a9f6cb0a59c311af3ed9
- SHA256
  
  97a77b367bc2b18d0c694615661df7eddb938a799973878f74123cfef35c7f96
- SHA512
  
  4c8f024ddb8aa1fa1d4f71aef2fd5f5d9f7819c2adc7059fc31ab08efef7a72282124e8468ce4d4cbabc3a0d3a123ed37848bc164889ab9424e379c3fca72972
- SSDEEP
  
  196608:ZzX4XkFw8LrB81ToYTLYcCOrYLKdJb1+LzorWDQiy0KsTDghn:JX4OviH/YuYmdJIoiDgQ/ghn
Score

10^/10

pandastealer discovery phishing stealer
- Panda Stealer payload
- PandaStealer
  Panda Stealer is a fork of CollectorProject Stealer written in C++.
  stealer pandastealer
- Pandastealer family
  pandastealer
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

pandastealerdiscoveryphishingstealer

© 2018-2024

Terms | Privacy