General

  • Target

    325ab56e36fa5fd057bf56ae6890591b48a806236935fd251ef1cea58e65b6d6

  • Size

    344KB

  • Sample

    230928-jm914shc5v

  • MD5

    ff47f102cb53ea57e87ee27860bdde93

  • SHA1

    4b93dc532ff8917e2bfedbe33834862fb8086d07

  • SHA256

    bd216bec14f8280d43f8cb6b3dc9332ba55ed72254afbe7e7b83a85fb472d2f1

  • SHA512

    783a17e62042cdc5d3ecdf45486d1cd63bf1a1d2518112bb9c1055411f862e72a2c54e1dc4f1a022eef3ff6c9a9a49f304b158e1b78fa130ab352624cd8d6ca1

  • SSDEEP

    6144:2Gy6RhKyBc8V1Xnz7wIsw0h5rNd5ef2svy4dISEH0sxxYCfKYRgVU8fr5rPh:2Gy6RhKyK8HnuzfsBsEusVUar5F

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

    • Target

      325ab56e36fa5fd057bf56ae6890591b48a806236935fd251ef1cea58e65b6d6

    • Size

      636KB

    • MD5

      41fb4f5c9f38d701bb0395fb2b414e65

    • SHA1

      24482ba1cc09115191b312fce8f7b73e0439e65d

    • SHA256

      325ab56e36fa5fd057bf56ae6890591b48a806236935fd251ef1cea58e65b6d6

    • SHA512

      7fb38dbea5f8efa450fedb23203824090cc21647eea3855c993ad865d605845dd76e218d15ba3e3e569018b6416c3f39501dd039ca7f2bffa5e3274baeac678a

    • SSDEEP

      6144:MfIWs1kdFDIZakzJwz9OhcHQU8rATKbGHbI0/tGKP15Vuc7GHbI0/tGKP15Vuc1h:ubfQtcH5049Duca049Duc1y6

    • Detect Fabookie payload

    • Fabookie

      Fabookie is a Facebook account information stealer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other stored profile data.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion

    Subvert Trust Controls (T1553): 1
      Install Root Certificate (T1553.004): 1
    Modify Registry (T1112): 1

  • Credential Access

    Unsecured Credentials (T1552): 1
      Credentials In Files (T1552.001): 1

  • Collection

    Data from Local System (T1005): 1

Tasks