Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    128s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/07/2023, 22:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    397KB

  • MD5

    9ec07057459384cecfe2a90c89fa5f61

  • SHA1

    c2230fa50665a5837f189820184ed06a1ac9d0a8

  • SHA256

    385085d13fce8c2645337c072a9178fa3adc98b1382b9c7c9c29c3c3c1177dd2

  • SHA512

    d2e06abb85018f0946256ed2a18e43a952c22381429dfca1e5c29fa6c568b3c28eabd6305798eeead7abe1e5452825b18f607442d9cf7ad04cd19258950880c2

  • SSDEEP

    1536:qyKJMVJCvWuOCWqeyGaOi2K+Sm6uCWqe+aOi2K+Sm6uuCuCWqeyGaOi2K+Sm6uC2:qXJMqeuaXnAYy4AZ6DvcgJFW

Score
10/10
fabookiespywarestealer

Malware Config

Signatures

  • Detect Fabookie payload 2 IoCs
  • Fabookie

    Fabookie is facebook account info stealer.

    spywarestealerfabookie
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
      PID:3224

    Network

          MITRE ATT&CK Enterprise v6

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3224-135-0x0000000003580000-0x00000000036F0000-memory.dmp

            Filesize

            1.4MB

            Download

          • memory/3224-136-0x00000000036F0000-0x0000000003821000-memory.dmp

            Filesize

            1.2MB

            Download

          • memory/3224-139-0x00000000036F0000-0x0000000003821000-memory.dmp

            Filesize

            1.2MB

            Download