recordbreaker | 5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99 | Triage

Submit
Reports

Overview

overview

Static

static

5d66919291...99.exe

windows7_x64

5d66919291...99.exe

windows10-2004_x64

1

Sharing

General

Target

5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99
Size

55KB
Sample

220616-t2qwwsgaem
MD5

9ea0905f02da6e6ef2e46d5e434ec2e9
SHA1

90acb6ca3f40b72a7ab601b2f781d43ddb5d2bb9
SHA256

5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99
SHA512

243bb29df27ee2d9f4a7974df83f2325ad0b6f1cdab3dd210eb253f0f804bc9a0b56fffacda60ddaac3eec07082d0ca421db6e41eca9cc8d90d91673a899d434

Score

10^/10

recordbreaker discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99.exe

Resource

win7-20220414-en

recordbreaker discovery spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

recordbreaker

C2

http://178.128.94.180

Targets

- Target
  
  5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99
- Size
  
  55KB
- MD5
  
  9ea0905f02da6e6ef2e46d5e434ec2e9
- SHA1
  
  90acb6ca3f40b72a7ab601b2f781d43ddb5d2bb9
- SHA256
  
  5d66919291b68ab8563deedf8d5575fd91460d1adfbd12dba292262a764a5c99
- SHA512
  
  243bb29df27ee2d9f4a7974df83f2325ad0b6f1cdab3dd210eb253f0f804bc9a0b56fffacda60ddaac3eec07082d0ca421db6e41eca9cc8d90d91673a899d434
Score

10^/10

recordbreaker discovery spyware stealer suricata
- RecordBreaker
  RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
  stealer recordbreaker
- suricata: ET MALWARE Generic Stealer Config Download Request
  suricata: ET MALWARE Generic Stealer Config Download Request
  suricata
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

recordbreakerdiscoveryspywarestealersuricata

behavioral2

© 2018-2025

Terms | Privacy