General
-
Target
adobe-air-51-1-1-3.exe
-
Size
5.9MB
-
Sample
241217-xgb4sawjbm
-
MD5
34dba7939065022ad74458acbae28abd
-
SHA1
5f4e6e7cc0f2970068ff1c05189a8dc6881b8d33
-
SHA256
da506fa70f7953e840f3eba28faf557a2038e0b3d0a5105a0ebe3434ee5e9e61
-
SHA512
6271f67b486c7273fd391e4379f987fcce3042947909e97d05290d04469588a94bd501685f686037a400b788d6693e73f7d7799069c772b80da9556322c6cc79
-
SSDEEP
98304:FOB7drLD5C522D5K6O6DWT9dCrVodEdhIW5LkrNcBByeTTC3qdqH2pjin6uYRjUI:gB7drxU22DJVAbAeOIyBBNiKqMbZUI
Static task
static1
Behavioral task
behavioral1
Sample
adobe-air-51-1-1-3.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
adobe-air-51-1-1-3.exe
-
Size
5.9MB
-
MD5
34dba7939065022ad74458acbae28abd
-
SHA1
5f4e6e7cc0f2970068ff1c05189a8dc6881b8d33
-
SHA256
da506fa70f7953e840f3eba28faf557a2038e0b3d0a5105a0ebe3434ee5e9e61
-
SHA512
6271f67b486c7273fd391e4379f987fcce3042947909e97d05290d04469588a94bd501685f686037a400b788d6693e73f7d7799069c772b80da9556322c6cc79
-
SSDEEP
98304:FOB7drLD5C522D5K6O6DWT9dCrVodEdhIW5LkrNcBByeTTC3qdqH2pjin6uYRjUI:gB7drxU22DJVAbAeOIyBBNiKqMbZUI
Score10/10-
Panda Stealer payload
-
Pandastealer family
-
A potential corporate email address has been identified in the URL: [email protected]
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1