MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 26e84519f3875d3c579c95ec1694eff8224f75eaec63ae8970bc85ff1479f392. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 26e84519f3875d3c579c95ec1694eff8224f75eaec63ae8970bc85ff1479f392
SHA3-384 hash: 1773bb4322b34c86d034ddf4b12aa40733a5397e279a88b39dcd144b0955cd4ad0b03c4d11c42ea54778394a27a9e7cf
SHA1 hash: 04713802ae0e9f063c38f777697400fe00bb8377
MD5 hash: 8218df9a934a465692fc6dabd33c9026
humanhash: may-coffee-harry-robert
File name: pandabanker_2.6.3.vir
Signature: PandaZeuS
File size: 339'968 bytes
First seen: 2020-07-19 19:41:50 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: c19933319cf1b11f6244c6117fa02fc3
ssdeep: 6144:qKPvXDfwkjKXhLTNUd2MmGcUB6+QLtgQd69Wah7CGrRPg6Mdp0g86:x0hNUd2MaUg+WtgndFjRWPD86
TLSH: 2F74DF08FA81D873C49604B24816DB847B7D3C115B3ED4E7ABE14DDE5F781A2AA33386
Reporter: @tildedennis
Tags: pandabanker PandaZeuS


Twitter
@tildedennis
pandabanker version 2.6.3

Intelligence


File Origin
# of uploads: 1
# of downloads: 26
Origin country: FR
Mail intelligence
No data
Vendor Threat Intelligence
Detection: ZeusPanda
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Unauthorized injection to a recently created process
Connection attempt to an infection source
Threat name: Win32.Trojan.Yakes
Status: Malicious
First seen: 2018-01-29 12:29:42 UTC
AV detection: 23 of 29 (79.31%)
Threat level: 5/5
Result
Malware family: n/a
Score: 8/10
Tags: spyware evasion
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Deletes itself
Reads user/profile data of web browsers
Identifies Wine through registry keys
Loads dropped DLL
Executes dropped EXE
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments