recordbreaker | 62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975 | Triage

Submit
Reports

Overview

overview

Static

static

6204957505...75.exe

windows7_x64

1

6204957505...75.exe

windows10-2004_x64

Sharing

General

Target

62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975
Size

55KB
Sample

220616-t2qwwsgaen
MD5

7be1483472153324066babf71c683045
SHA1

4436a1c572737a82494d4ddfe91929ce4cd836cd
SHA256

62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975
SHA512

5e0b75f6e3b493d44f29379df4a7b314a266afe7dc121d09eccd801f4a591210b8b0d5b19173c210c9bd89d5abccf82dafe44694cff3596b8f1e2a9398086fd1

Score

10^/10

recordbreaker discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975.exe

Resource

win10v2004-20220414-en

recordbreaker discovery spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

recordbreaker

C2

http://142.132.180.233/

Targets

- Target
  
  62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975
- Size
  
  55KB
- MD5
  
  7be1483472153324066babf71c683045
- SHA1
  
  4436a1c572737a82494d4ddfe91929ce4cd836cd
- SHA256
  
  62049575053b432e93b176da7afcbe49387111b3a3d927b06c5b251ea82e5975
- SHA512
  
  5e0b75f6e3b493d44f29379df4a7b314a266afe7dc121d09eccd801f4a591210b8b0d5b19173c210c9bd89d5abccf82dafe44694cff3596b8f1e2a9398086fd1
Score

10^/10

recordbreaker discovery spyware stealer suricata
- RecordBreaker
  RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
  stealer recordbreaker
- suricata: ET MALWARE Generic Stealer Config Download Request
  suricata: ET MALWARE Generic Stealer Config Download Request
  suricata
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

recordbreakerdiscoveryspywarestealersuricata

© 2018-2025

Terms | Privacy