General
-
Target
048c0113233ddc1250c269c74c9c9b8e9ad3e4dae3533ff0412d02b06bdf4059
-
Size
55KB
-
Sample
220609-ztaslagec8
-
MD5
1d7d285f77ed5460fe9aada4c04dcfcf
-
SHA1
9c6e393d8b2eac432720518f8991c86ad8fa94b7
-
SHA256
048c0113233ddc1250c269c74c9c9b8e9ad3e4dae3533ff0412d02b06bdf4059
-
SHA512
cfcd38cd8c12a80ad7d26442979bb5ac44541866810951eaf8d2fc709d1e9cb3cbe187065ff547717d3babe8abf9f98c2b04562dca992b63ff54c5465746f5e4
Malware Config
Targets
-
-
Target
048c0113233ddc1250c269c74c9c9b8e9ad3e4dae3533ff0412d02b06bdf4059
-
Size
55KB
-
MD5
1d7d285f77ed5460fe9aada4c04dcfcf
-
SHA1
9c6e393d8b2eac432720518f8991c86ad8fa94b7
-
SHA256
048c0113233ddc1250c269c74c9c9b8e9ad3e4dae3533ff0412d02b06bdf4059
-
SHA512
cfcd38cd8c12a80ad7d26442979bb5ac44541866810951eaf8d2fc709d1e9cb3cbe187065ff547717d3babe8abf9f98c2b04562dca992b63ff54c5465746f5e4
Score10/10-
RecordBreaker
RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
-
suricata: ET MALWARE Generic Stealer Config Download Request
suricata: ET MALWARE Generic Stealer Config Download Request
-
suricata: ET MALWARE Generic Stealer Sending System Information M1
suricata: ET MALWARE Generic Stealer Sending System Information M1
-
suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-