Analysis
max time kernel: 40s
max time network: 52s
platform: windows7_x64
resource: win7-20220414-en
submitted: 10-06-2022 18:07
Static task: static1
Behavioral task: behavioral1
Sample: d3b492cf1b98b184b1a6c24c79c57bf8acd7c67fde824192819e07f597b3a997.exe
Resource: win7-20220414-en (windows7_x64)
0 signatures, 0 seconds
General
Target: d3b492cf1b98b184b1a6c24c79c57bf8acd7c67fde824192819e07f597b3a997.exe
Score: 10/10
Malware Config (Extracted)
Family: recordbreaker
C2: http://retro-rave.xyz/
Signatures
RecordBreaker
RecordBreaker is an information stealer, written in C++, capable of downloading and executing secondary payloads.
suricata: ET MALWARE Generic Stealer Config Download Request
suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid   Process
1276  d3b492cf1b98b184b1a6c24c79c57bf8acd7c67fde824192819e07f597b3a997.exe
1276  d3b492cf1b98b184b1a6c24c79c57bf8acd7c67fde824192819e07f597b3a997.exe