General
-
Target
pandabanker_2.5.2.vir
-
Size
336KB
-
Sample
200719-yyw3va2p12
-
MD5
2d3f3577cb6cbe630185a4de29bf4d0e
-
SHA1
da1e0fd15d555adc3f94425f4fd90ad3dc09f0bc
-
SHA256
f7bcc93d67f3de8a08b9b263f62e5107baa6eb746cfbb41cff2b76646e186829
-
SHA512
0302ab0cb6d0a69a10c78a21520e78ce2b058fbad50d7c71b7f8ae68eb23c96ea648c2c9b7ad8226fb030ecfee7703fc613818f701d00c2ccc6050bef62f56c2
Static task
static1
Behavioral task
behavioral1
Sample
pandabanker_2.5.2.vir.exe
Resource
win7
Malware Config
Targets
-
-
Target
pandabanker_2.5.2.vir
-
Executes dropped EXE
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, etc.
-
Drops file in System32 directory
-