fabookie

Sharing

Copy URL

Twitter E-mail

General

Target

mkpub_part_g.zip
Size

452KB
Sample

231006-cna5vagf6s
MD5

d287ef3ca5bc3faad4f6dd38c1378a40
SHA1

5eb9337b868ba9cad3e313b59e3230c2ebc0532b
SHA256

eb25522b7a2bcab8b44846ec951e80e308d32bb166bf01d06ed05c34b51db68a
SHA512

948e337781466f02785ff0f08f34ea8ba2bf648d18f7585441a622ea16637a2d97fe38ab321ad466d059cfc5b586e3f3898ee19cbe629b2f174d8faf482d7b71
SSDEEP

12288:VtjvWPLd5iUVVS05sG3IraRhSLGUVRaKYK:V5vEaaiG4ravRUVRaK

Score

10^/10

Malware Config

Extracted

Family

fabookie

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  d6086904aa3c47a04f9651cad2d2d4be3d50ae93b4bbc5b5b7bd63dc86eb2ec6.bin
- Size
  
  238KB
- MD5
  
  df7eabf56d49ebd775f92fa67a0071d6
- SHA1
  
  7dff8092b62a7f400e3aef760e643ad948d533c5
- SHA256
  
  d6086904aa3c47a04f9651cad2d2d4be3d50ae93b4bbc5b5b7bd63dc86eb2ec6
- SHA512
  
  ecfb1e8e259fbcb45c00c858a90d11a73304baea9f27474c9ffd439177098412f6009dc8f5ef48ab496e82910a5454836a7c33c3e82cbb9dfb5c3866b8a880f6
- SSDEEP
  
  3072:8iPe/BusENL4M8MzYg2GOPSkc+0j6kML3lHq91QQevXDDsC1fxgKT/mqs/KFQizn:LPe/BKVmqkQ6kMB5HnsSFQP
Score

1^/10
behavioral1 behavioral2
- Target
  
  e4d31acd4f6f9a8c85c0c7d946d55e4efd5a2571f54a3b6682e04495f951bd96.bin
- Size
  
  12KB
- MD5
  
  35a0e47267276a8e8882396e4f192a37
- SHA1
  
  a6353f0584ca37d0f783e1a077b524ec54da2a2c
- SHA256
  
  e4d31acd4f6f9a8c85c0c7d946d55e4efd5a2571f54a3b6682e04495f951bd96
- SHA512
  
  e322cf2c200076ced13d097f6cb3a92164a6fc7cfcc7c855161d7bf76397c8eb96be20d347cb609bba1361ac803ba5b23668b02f6c7f62db25b2a025d5e6fc03
- SSDEEP
  
  96:yA/vMth9sDLibql3A44P9QL4fwmPImg+A03PvXLOzk+gqWYV4J6oP/zNt:yw+wGWt94+iANiCkc4Jhp
Score

10^/10

healer dropper evasion trojan
- Detects Healer an antivirus disabler dropper
- Healer
  Healer an antivirus disabler dropper.
  dropper healer
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral3 behavioral4
- Target
  
  eb1a060a2f31ff324b171aa329f0302493bf6d8a573c1142f03b7267fb2a362d.bin
- Size
  
  392KB
- MD5
  
  2634623076a7af62a8479a5cef34b6d0
- SHA1
  
  7f4d567bfbc4c5b8f8f7ea5c614dd909b0ab6ac3
- SHA256
  
  eb1a060a2f31ff324b171aa329f0302493bf6d8a573c1142f03b7267fb2a362d
- SHA512
  
  96921b8cb6399b3a641be8ddcf19b22482a23f458c12bfe67dfce2f94a4f0d95f488a5a1d6ac07426ddc0696fe7345b989101d221afc2f62715a26b812190c5b
- SSDEEP
  
  6144:7kFSoUQrQakAGfCz35Jw66RPalaYNx2aDPUJKpn7jmb5kNkzJ43r7PSAxxOJYJfv:7kFkQUD66RPQnx2aLUJyfmb5kSPZQ
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
behavioral5 behavioral6
- Target
  
  f6147edac0f3bf98bf8360176358fe4b4eeeca097325a501dcd32916b60fbe28.bin
- Size
  
  416KB
- MD5
  
  b72c1dbf8fec4961378a5a369cfa7ee4
- SHA1
  
  47193a3fc3cc9c24c603fa25aa92ca19f1e29a4e
- SHA256
  
  f6147edac0f3bf98bf8360176358fe4b4eeeca097325a501dcd32916b60fbe28
- SHA512
  
  b8f63bd1deb9cbe7d47b3130575792e03d53b7d31fa65c99fdf640f786226d1747d3a556a1f30df03a7973331277e221206c65a22c9d2d4d49ee34dfda1a5f10
- SSDEEP
  
  6144:syUa7AQnwciHMc4oiT4MKBz3I8JWGxerEhgVIXFM:sf4wcAQVrKi61erLIX
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral7 behavioral8