General
-
Target
pandabanker_2.5.5.vir
-
Size
248KB
-
Sample
200719-aman4d3vr2
-
MD5
938fa3c6548d0aed1a89287965159d9d
-
SHA1
24733ff1f3bfa1f3a33b13feac300b77bcebe808
-
SHA256
c3be55a58b2afa08ba8520d981c50ab773113da36b139985ad16e5fab39ac145
-
SHA512
dc0abd08f51f9eedd1187a261590d8dfcfa38cd6724bfd42f9a03719f3fe0c8b4b42263518df915297404db6d30c49fe1c32a4133eedd29ba8417afb8787d271
Malware Config
Targets
-
-
Target
pandabanker_2.5.5.vir
-
Size
248KB
-
MD5
938fa3c6548d0aed1a89287965159d9d
-
SHA1
24733ff1f3bfa1f3a33b13feac300b77bcebe808
-
SHA256
c3be55a58b2afa08ba8520d981c50ab773113da36b139985ad16e5fab39ac145
-
SHA512
dc0abd08f51f9eedd1187a261590d8dfcfa38cd6724bfd42f9a03719f3fe0c8b4b42263518df915297404db6d30c49fe1c32a4133eedd29ba8417afb8787d271
Score8/10-
Executes dropped EXE
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-