General
Target: pandabanker_2.6.0.vir
Size: 102KB
Sample: 200719-pn6bkpexxj
MD5: 350095ed814f7a603dce0265734cc3f3
SHA1: 4157f3325e6061fcb1ba9e62318962f3d683d591
SHA256: 3de467124b098019e59fbdbcd3815db8001f6479e17da506d0c10c0f83dcde7f
SHA512: 96ca7f5b2b81158666375a3a1d4e55bf8469c14d071b79c2787d1f6cb3701f7c7ce13982dfdae994e4015f3a1de3b2aac817cc5301a98e742cd1cd274b2c511c
Static task: static1
Behavioral task: behavioral1
  Sample: pandabanker_2.6.0.vir.exe
  Resource: win7
Behavioral task: behavioral2
  Sample: pandabanker_2.6.0.vir.exe
  Resource: win10
Malware Config
Targets
Target: pandabanker_2.6.0.vir
Score: 8/10

Executes dropped EXE

Deletes itself

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Loads dropped DLL

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Adds Run key to start application