Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/07/2023, 03:50

General

  • Target

    cbcd85f61ac97a992bb98b2c3e101d0b09dfcafdd3ea6a77c7d31819800646d1.exe

  • Size

    292KB

  • MD5

    8b54cc3d1a7fe5cf23333f0edfba4abb

  • SHA1

    ae9d0105b54e54b34814875e67e272231f38b516

  • SHA256

    cbcd85f61ac97a992bb98b2c3e101d0b09dfcafdd3ea6a77c7d31819800646d1

  • SHA512

    8bbbd6e582dd2d84912a25c4abb70d1b545177f7e044f1450185c1d2b459bcf8e6d83c6b225515fdac9e5e67d64c0abbc96b8c4eb7bf55ee842693f8d609dabf

  • SSDEEP

    6144:Z8pJxVjZBkhQ5KsYNJdA6NZ+BPMMMUcMUDyu5Wp2i7UdSGZRW:GpJxLWNbp8P2iUd

Malware Config

Signatures

  • Detect Fabookie payload (2 IoCs)
  • Fabookie

    Fabookie is a Facebook account info stealer.

  • Reads user/profile data of web browsers (2 TTPs)

    Infostealers often target stored browser data, which can include saved credentials etc.

Processes

  • C:\Users\Admin\AppData\Local\Temp\cbcd85f61ac97a992bb98b2c3e101d0b09dfcafdd3ea6a77c7d31819800646d1.exe
    "C:\Users\Admin\AppData\Local\Temp\cbcd85f61ac97a992bb98b2c3e101d0b09dfcafdd3ea6a77c7d31819800646d1.exe"
    1⤵
      PID:1868

    Network

    MITRE ATT&CK Enterprise v6

    Downloads

    • memory/1868-133-0x00007FF6795D0000-0x00007FF67961D000-memory.dmp

      Filesize

      308KB

    • memory/1868-136-0x0000000003150000-0x00000000032C0000-memory.dmp

      Filesize

      1.4MB

    • memory/1868-137-0x00000000032C0000-0x00000000033F1000-memory.dmp

      Filesize

      1.2MB

    • memory/1868-140-0x00000000032C0000-0x00000000033F1000-memory.dmp

      Filesize

      1.2MB