General

  • Target

    JaffaCakes118_d6ad64734986199bbf6d312318bd21cb

  • Size

    2.6MB

  • Sample

    250110-a8my2awmhw

  • MD5

    d6ad64734986199bbf6d312318bd21cb

  • SHA1

    c9776e8c79d1cc7bc1c39856213f6fb9d42be4c6

  • SHA256

    8e23c0b1b1617d8438f11ef20a94d0b24216e1abedb4d0d6757281d0a34e9df5

  • SHA512

    b64b58719da36c0c62ba7951a291c3e49bdfef4939db4f1f275e6ae18d6c2512d97944aec6ac62c02c13a5bb6544c3a552d401f97fdc4dda5b828bf3a006033d

  • SSDEEP

    49152:95+hFmN/iiWqwFcIWqR2/QMlCJEV4SS+WENZTNalxiz8lVHTIioOFZQ+f:95aFmN/4qwFcL/5lqEGSSLEN/alxiqZD

Malware Config

Extracted

  • Family

    pandastealer

  • Version

    1.11

  • C2

    http://f0551292.xsph.ru

Targets


    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

MITRE ATT&CK Enterprise v15

Tasks