General

Target: 048c0113233ddc1250c269c74c9c9b8e9ad3e4dae3533ff0412d02b06bdf4059
Size: 55KB
Sample: 220609-ztaslagec8
Score: 10/10
MD5: 1d7d285f77ed5460fe9aada4c04dcfcf
SHA1: 9c6e393d8b2eac432720518f8991c86ad8fa94b7
SHA256: 048c0113233ddc1250c269c74c9c9b8e9ad3e4dae3533ff0412d02b06bdf4059
SHA512: cfcd38cd8c12a80ad7d26442979bb5ac44541866810951eaf8d2fc709d1e9cb3cbe187065ff547717d3babe8abf9f98c2b04562dca992b63ff54c5465746f5e4

Malware Config
Targets
Signatures

  • RecordBreaker

    Description

    RecordBreaker is an information stealer, written in C++, capable of downloading and executing secondary payloads.

  • suricata: ET MALWARE Generic Stealer Config Download Request
  • suricata: ET MALWARE Generic Stealer Sending System Information M1
  • suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System
    Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    TTPs

    Data from Local System
    Credentials in Files

  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs

    Query Registry

MITRE ATT&CK Matrix

Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

Score: N/A