General
-
Target
pandabanker_2.6.5.vir
-
Size
189KB
-
Sample
200719-tkw21mp6gs
-
MD5
5c47e3ed6dea436b0f99141bb5799fa9
-
SHA1
4e6169ef0a6dfc2c8253540362f93fedd06774c6
-
SHA256
5782c7ade207fd4415c35bd1e98bad7c3fcaef206fa60f142b8d1062e7103670
-
SHA512
797333f31f93505f74bc80316b68dfc1cc179128edfb0e476e320dd53dbcc5d9fa5a88210f7bcf76a6d10aa2429b542de6c01c2e3b6f5552798a6b134849070c
Malware Config
Targets
-
-
Target
pandabanker_2.6.5.vir
-
Size
189KB
-
MD5
5c47e3ed6dea436b0f99141bb5799fa9
-
SHA1
4e6169ef0a6dfc2c8253540362f93fedd06774c6
-
SHA256
5782c7ade207fd4415c35bd1e98bad7c3fcaef206fa60f142b8d1062e7103670
-
SHA512
797333f31f93505f74bc80316b68dfc1cc179128edfb0e476e320dd53dbcc5d9fa5a88210f7bcf76a6d10aa2429b542de6c01c2e3b6f5552798a6b134849070c
Score8/10-
Executes dropped EXE
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-