Overview

overview

10

Static

static

7

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    178s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02-02-2023 22:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cab726a29297e3feba59120e1f2be6f8c15f29a0acc2008a493dbf0850ecf8d3.exe

  • Size

    3.5MB

  • MD5

    c7e0666ac264eff1d8d9a8d30f7c8d50

  • SHA1

    2a2913f72905a10a60ee3189d8891eedf5a19398

  • SHA256

    cab726a29297e3feba59120e1f2be6f8c15f29a0acc2008a493dbf0850ecf8d3

  • SHA512

    be6183c10f413aa99ecf7a92190670fc81673457c2bc29a5681cf3dce2d6ff3a0ab9a2654e70f3ef5ceef5670565fa80c22a517f3c682c921b0513e4c2a7a2fd

  • SSDEEP

    98304:hjIQmy+KW/U77AZOBTCUw3A1MICMwQEVC8:npW/U7cmCUw9InEVj

Score
10/10
fabookiespywarestealervmprotect

Malware Config

Signatures

  • Detect Fabookie payload 1 IoCs
  • Fabookie

    Fabookie is facebook account info stealer.

    spywarestealerfabookie
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\cab726a29297e3feba59120e1f2be6f8c15f29a0acc2008a493dbf0850ecf8d3.exe
    "C:\Users\Admin\AppData\Local\Temp\cab726a29297e3feba59120e1f2be6f8c15f29a0acc2008a493dbf0850ecf8d3.exe"
    1⤵
      PID:3824

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3824-116-0x0000000140000000-0x000000014061E000-memory.dmp

      Filesize

      6.1MB

      Download