recordbreaker | 909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7_x64

winprofile

windows10_x64

Sharing

General

Target

909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb
Size

2.2MB
Sample

220621-dt6dlscdb3
MD5

9bb5cd64890efb8694b1aced8dd6f0e9
SHA1

fb216bff00b04b96fb4165f153462906d6d2747c
SHA256

909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb
SHA512

c4e28c19c14796d06e888fe7c0f27064d5a21435b674c519bbb48807cb37003cf532097335f3caa821a7748312f09b2460833573d6e482aaebafc83b8927a67e

Score

10^/10

recordbreaker spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb.exe

Resource

win7-20220414-en

recordbreaker spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb.exe

Resource

win10-20220414-en

recordbreaker spyware stealer suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

recordbreaker

C2

http://51.195.166.204/

Targets

- Target
  
  909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb
- Size
  
  2.2MB
- MD5
  
  9bb5cd64890efb8694b1aced8dd6f0e9
- SHA1
  
  fb216bff00b04b96fb4165f153462906d6d2747c
- SHA256
  
  909875959dd07c5aeb345d5f93e662329866e862eb8bb18d0727aa4d9c72e6eb
- SHA512
  
  c4e28c19c14796d06e888fe7c0f27064d5a21435b674c519bbb48807cb37003cf532097335f3caa821a7748312f09b2460833573d6e482aaebafc83b8927a67e
Score

10^/10

recordbreaker spyware stealer suricata
- Raccoon ver2
  Raccoon ver2.
- RecordBreaker
  RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.
  stealer recordbreaker
- suricata: ET MALWARE Generic Stealer Config Download Request
  suricata: ET MALWARE Generic Stealer Config Download Request
  suricata
- suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata: ET MALWARE Recordbreaker Stealer CnC Checkin
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

recordbreakerspywarestealersuricata

behavioral2

recordbreakerspywarestealersuricata

© 2018-2024

Terms | Privacy