recordbreaker | 3c8a8ea5510a6783932c1681074579e3f01fbdfed2214e12f5bd0a937940fc9c | Triage

Submit
Reports

Overview

overview

Static

static

c1ba15907a...4b.exe

windows7_x64

c1ba15907a...4b.exe

windows10-2004_x64

5

Sharing

General

Target

7602986120.zip
Size

7.6MB
Sample

220617-fwttpsdaf5
MD5

fc292e324a3fac18cab9bbab9be0361c
SHA1

8a7ec25412a187b260e171a848cd2cd9c1c1aa65
SHA256

3c8a8ea5510a6783932c1681074579e3f01fbdfed2214e12f5bd0a937940fc9c
SHA512

70eec6a2ade9ad8c4e09fb9284f9714ea8756bf94a2403471eb28cf897a38d0d4c3ce41e0d1f5ef5ae13d853b0837653b45cd561faea6ee6e3c9e51183042d3d

Score

10^/10

recordbreaker discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

c1ba15907aa6885eb4e97fc12bdb721fee9360ac255834ae1dc6be327113334b.exe

Resource

win7-20220414-en

recordbreaker discovery spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c1ba15907aa6885eb4e97fc12bdb721fee9360ac255834ae1dc6be327113334b.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c1ba15907aa6885eb4e97fc12bdb721fee9360ac255834ae1dc6be327113334b
- Size
  
  647.1MB
- MD5
  
  2894c5244f6ce9f275d7594e4cc471c0
- SHA1
  
  267c66fe5a1a5ee0601c11a649aea4b207adf8e6
- SHA256
  
  c1ba15907aa6885eb4e97fc12bdb721fee9360ac255834ae1dc6be327113334b
- SHA512
  
  b484a18f63a8d47484642059eeb3ecc91a4b7efaec79a0bbe6fc4349630aebc071db6d950c359742e8a09d0ae244168b3893cb422a2bf727f243d416d2c06379
Score

10^/10

recordbreaker discovery spyware stealer suricata
- RecordBreaker
  RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
  stealer recordbreaker
- suricata: ET MALWARE Generic Stealer Config Download Request
  suricata: ET MALWARE Generic Stealer Config Download Request
  suricata
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

recordbreakerdiscoveryspywarestealersuricata

behavioral2

© 2018-2025

Terms | Privacy