recordbreaker | 9cb6c1c7c3e62531baef80a60a81a21790d25a1fadeb136e156cf15348ceb55d | Triage

Submit
Reports

Overview

overview

Static

static

Setup1Crakeds.exe

windows7_x64

Setup1Crakeds.exe

windows10-2004_x64

Sharing

General

Target

PA$$w0rds_1234__FilerSetup2--P3.rar
Size

7.0MB
Sample

220616-n19pqaefdq
MD5

a10b8cbd560a760537680c211abec969
SHA1

87e5bf4c3ebc36a8311d4a224d3508c667d1e35f
SHA256

9cb6c1c7c3e62531baef80a60a81a21790d25a1fadeb136e156cf15348ceb55d
SHA512

52732cf8834e90f929f45cce197493ab4cf420cc9562d6ca02093b4ffc529276d3e8cdbdc6a093c8f37b2bf553a6caf0ddeeba6f522c0ed6e243bd4fcf99b82b

Score

10^/10

recordbreaker discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

Setup1Crakeds.exe

Resource

win7-20220414-en

recordbreaker discovery spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Setup1Crakeds.exe

Resource

win10v2004-20220414-en

recordbreaker discovery spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Setup1Crakeds.exe
- Size
  
  727.2MB
- MD5
  
  199d352706be0428eb796c97e2706539
- SHA1
  
  d43878527ef974ae3921795a0ad31cc2d7862c0d
- SHA256
  
  2aebf18a5066221efc64205de32a15c073dd657f220406f433fd98e8c3a3cac6
- SHA512
  
  5e7cceff411bdc0e7bd330a953487b5982b96cd3317087a7bb086225a2e6b692ec08adc841bc0b4ff7ff52c58f9e0550f100f367edd8085c744bd4cd97c838ce
Score

10^/10

recordbreaker discovery spyware stealer suricata
- RecordBreaker
  RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
  stealer recordbreaker
- suricata: ET MALWARE Generic Stealer Config Download Request
  suricata: ET MALWARE Generic Stealer Config Download Request
  suricata
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

recordbreakerdiscoveryspywarestealersuricata

behavioral2

recordbreakerdiscoveryspywarestealersuricata

© 2018-2025

Terms | Privacy