recordbreaker | 20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7_x64

winprofile

windows10_x64

Sharing

General

Target

20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161
Size

300KB
Sample

220621-dt46jscda7
MD5

5a7d42ef154a45a749d3ab174323f303
SHA1

51bbb8e59761636e26c985f230d22d8282917594
SHA256

20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161
SHA512

7a6c2fb849cf6886f6a93f57e00db0159cbe1a9f8a592ce928b8e6cb25c5415b63ec8d55c54da8c32363447587f50721b8fccceaa6c3d91c37c400d72f25b4c7

Score

10^/10

recordbreaker stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161.exe

Resource

win7-20220414-en

recordbreaker stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161.exe

Resource

win10-20220414-en

recordbreaker stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

recordbreaker

C2

http://51.195.166.201/

Targets

- Target
  
  20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161
- Size
  
  300KB
- MD5
  
  5a7d42ef154a45a749d3ab174323f303
- SHA1
  
  51bbb8e59761636e26c985f230d22d8282917594
- SHA256
  
  20ca741b731753f1bc981bfceb747dc8f4afb2aeb8694de63114a53d23812161
- SHA512
  
  7a6c2fb849cf6886f6a93f57e00db0159cbe1a9f8a592ce928b8e6cb25c5415b63ec8d55c54da8c32363447587f50721b8fccceaa6c3d91c37c400d72f25b4c7
Score

10^/10

recordbreaker stealer suricata
- Raccoon ver2
  Raccoon ver2.
- RecordBreaker
  RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
  stealer recordbreaker
- suricata: ET MALWARE Generic Stealer Config Download Request
  suricata: ET MALWARE Generic Stealer Config Download Request
  suricata
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

recordbreakerstealersuricata

behavioral2

recordbreakerstealer

© 2018-2024

Terms | Privacy