General

  • Target

    pandabanker_2.1.2.vir

  • Size

    336KB

  • Sample

    200719-yhtylecahj

  • MD5

    dfb9784c77e51bfb53d018b7b64381ff

  • SHA1

    ab94e10047ee84e26263fa4c1528295b3c9ef945

  • SHA256

    e4e8aac2107834b2d895fc35d71bb396075d971c650ff173714c3d17956c7da6

  • SHA512

    e5ac07c1cfda0111b5a30fbf04eda166588fba76547220b616f53eed1cbb4a31dd7c79c42c3af4925a8750e6bb87a391ec266b93137f176a302982b7997e3ec2

Score
8/10

Targets

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • JavaScript code in executable

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081): 1

  • Collection

    Data from Local System (T1005): 1
