Overview

overview

10

Static

static

10

a035d23350...f3.exe

windows7-x64

10

a035d23350...f3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    91s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-02-2024 11:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a035d233500d7f10cc87139f43f51cf3.exe

  • Size

    681KB

  • MD5

    a035d233500d7f10cc87139f43f51cf3

  • SHA1

    46fd3dfd39f98b6f3a201b35eff3e93b8e6ffd4a

  • SHA256

    b2feb2b35a2c7173caaf9f2c64004c768cf8f1ab955aa3323fffe084659ec380

  • SHA512

    5c419c91ee97e3b2bdfb4cfcb9374cb0f7e062e7911f507869bc48cffc5afc2bdf6e888f6f4d9e11cdd423a306f243f89f43f90fd59f93ca7f3442a50dd6d4bb

  • SSDEEP

    12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlXjOz+2:VoJEKZ6IEGTMxapRl2PSwHTehy6Bs+p4

Score
10/10
pandastealerspywarestealer

Malware Config

Signatures

  • PandaStealer

    Panda Stealer is a fork of CollectorProject Stealer written in C++.

    stealerpandastealer
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a035d233500d7f10cc87139f43f51cf3.exe
    "C:\Users\Admin\AppData\Local\Temp\a035d233500d7f10cc87139f43f51cf3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1444

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads