Overview

overview

10

Static

static

winprofile

windows7_x64

10

winprofile

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f97835279804b62e667211706cce813179e2571634880770862a5f759fa17c11

  • Size

    1.4MB

  • Sample

    220621-dy4qkscee7

  • MD5

    6a4fe454abe491c0c24c8cfd3c759900

  • SHA1

    0df05c838d2d73f817f25a3441dfe4dc67e26f3d

  • SHA256

    f97835279804b62e667211706cce813179e2571634880770862a5f759fa17c11

  • SHA512

    ec7af66871665f74c87129d2dbda8ceb2be8ecfe64143fd523bdbe97f62d6e37153d9131871c6e1fe7fbe8a71c9a10dfdc277360f1c38f51e08f61b5f8a54825

Score
10/10
recordbreakerstealersuricata

Malware Config

Extracted

Family

recordbreaker

C2

http://82.202.172.185/

Targets

    • Target

      f97835279804b62e667211706cce813179e2571634880770862a5f759fa17c11

    • Size

      1.4MB

    • MD5

      6a4fe454abe491c0c24c8cfd3c759900

    • SHA1

      0df05c838d2d73f817f25a3441dfe4dc67e26f3d

    • SHA256

      f97835279804b62e667211706cce813179e2571634880770862a5f759fa17c11

    • SHA512

      ec7af66871665f74c87129d2dbda8ceb2be8ecfe64143fd523bdbe97f62d6e37153d9131871c6e1fe7fbe8a71c9a10dfdc277360f1c38f51e08f61b5f8a54825

    Score
    10/10
    recordbreakerstealersuricata

    • Raccoon ver2

      Raccoon ver2.

    • RecordBreaker

      RecordBreaker is an information stealer capable of downloading and executing secondary payloads written in C++.

      stealerrecordbreaker

    • suricata: ET MALWARE Generic Stealer Config Download Request

      suricata: ET MALWARE Generic Stealer Config Download Request

      suricata

    • suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

      suricata: ET MALWARE Recordbreaker Stealer CnC Checkin

      suricata

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks