Overview

overview

10

Static

static

winprofile

windows7_x64

10

winprofile

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0adc96946d9806969375212cfd5012f93cb205c1008b935f6886ba0ffe7fe262

  • Size

    1.4MB

  • Sample

    220621-dtyc1acda3

  • MD5

    3489c407c7328f4976d5b490aad8b145

  • SHA1

    992a53af7a34ed38ebdac5517e067ac029a4bdb2

  • SHA256

    0adc96946d9806969375212cfd5012f93cb205c1008b935f6886ba0ffe7fe262

  • SHA512

    e3c479f3c46e5bb036129fe14e2eb42b0bfa4d0fd80af0617a953f7f86f1deb13af778272d07c4ec24785469681ca3d748f676ab8597c46e944f09bf8ad25e2f

Score
10/10
recordbreakerstealersuricata

Malware Config

Extracted

Family

recordbreaker

C2

http://51.195.166.184/

Targets

    • Target

      0adc96946d9806969375212cfd5012f93cb205c1008b935f6886ba0ffe7fe262

    • Size

      1.4MB

    • MD5

      3489c407c7328f4976d5b490aad8b145

    • SHA1

      992a53af7a34ed38ebdac5517e067ac029a4bdb2

    • SHA256

      0adc96946d9806969375212cfd5012f93cb205c1008b935f6886ba0ffe7fe262

    • SHA512

      e3c479f3c46e5bb036129fe14e2eb42b0bfa4d0fd80af0617a953f7f86f1deb13af778272d07c4ec24785469681ca3d748f676ab8597c46e944f09bf8ad25e2f

    Score
    10/10
    recordbreakerstealersuricata

    • Raccoon ver2

      Raccoon ver2.

    • RecordBreaker

      RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.

      stealerrecordbreaker

    • suricata: ET MALWARE Generic Stealer Config Download Request

      suricata: ET MALWARE Generic Stealer Config Download Request

      suricata

    • suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

      suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

      suricata

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks