General
-
Target
chrome_installer.exe
-
Size
11KB
-
Sample
241201-kw98xaypfw
-
MD5
6acdca7be5d836c34b9b36a073bcd6e5
-
SHA1
200ad2557b2d12257a261221265119ce23b8fa33
-
SHA256
9ec066a49034d8dce7ac26317c58d4b41dc4e2b72a148743c8687a55b68b76be
-
SHA512
17ebe84fdef667eb8430ea99f6f0e6be383b6d96d2e34cee06f8484007ac5f0699d37989413da9096cdaec45858bf93cfab12bd10c78e7d1d77603e33c8bb795
-
SSDEEP
192:BK+U60DHVQ0eU0bLVJ90pC0iE0i2w0np0X04y7HA5iLoDEHV5iLoDEHFC0s0Ss0w:BK+sD13e7bpJap5iLXWEF7ZooMool5jJ
Malware Config
Targets
-
-
Target
chrome_installer.exe
-
Size
11KB
-
MD5
6acdca7be5d836c34b9b36a073bcd6e5
-
SHA1
200ad2557b2d12257a261221265119ce23b8fa33
-
SHA256
9ec066a49034d8dce7ac26317c58d4b41dc4e2b72a148743c8687a55b68b76be
-
SHA512
17ebe84fdef667eb8430ea99f6f0e6be383b6d96d2e34cee06f8484007ac5f0699d37989413da9096cdaec45858bf93cfab12bd10c78e7d1d77603e33c8bb795
-
SSDEEP
192:BK+U60DHVQ0eU0bLVJ90pC0iE0i2w0np0X04y7HA5iLoDEHV5iLoDEHFC0s0Ss0w:BK+sD13e7bpJap5iLXWEF7ZooMool5jJ
Score10/10-
Panda Stealer payload
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Pandastealer family
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1