Overview

overview

8

Static

static

pandabanke...ir.exe

windows7_x64

8

pandabanke...ir.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pandabanker_2.1.1.vir

  • Size

    308KB

  • Sample

    200719-tly34e679s

  • MD5

    ed09632e3d549edb8f31eaac5562df7c

  • SHA1

    d78f465ffb433d4f2c9382e22e028709567c7eba

  • SHA256

    62989ab56f11701b109cddf0eb20e995c833078bb40942a8c931589497c25948

  • SHA512

    5a4fd769e5eafd76704eff6138eb25637353bdd4e23c769f327f76e2e3dad6cbae06ce7090b88b1d6802e7dfd94639b4316334435fdc2b4efc8f13226e176e2b

Score
8/10
spyware

Malware Config

Targets

    • Target

      pandabanker_2.1.1.vir

    • Size

      308KB

    • MD5

      ed09632e3d549edb8f31eaac5562df7c

    • SHA1

      d78f465ffb433d4f2c9382e22e028709567c7eba

    • SHA256

      62989ab56f11701b109cddf0eb20e995c833078bb40942a8c931589497c25948

    • SHA512

      5a4fd769e5eafd76704eff6138eb25637353bdd4e23c769f327f76e2e3dad6cbae06ce7090b88b1d6802e7dfd94639b4316334435fdc2b4efc8f13226e176e2b

    Score
    8/10
    spyware

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks