fabookie | a302bc1bdfa51e0ff8433b56c231a42e5bce39ad47b7346ee8e3c33e359d55d9 | Triage

Sharing

General

Target

428f02bcb39dd6f73493dd55f55e263e.exe
Size

416KB
Sample

231007-f9expshd2x
MD5

428f02bcb39dd6f73493dd55f55e263e
SHA1

0e0ca90f5559dbfa6d67be821543a0d659b45074
SHA256

a302bc1bdfa51e0ff8433b56c231a42e5bce39ad47b7346ee8e3c33e359d55d9
SHA512

c6a7301a9f977eccc8bcdb11311215b481a9dd6b61bfd955ab42b891da715049ce58fccf52dac3c67750bc4e8804f37113664496ff73c318ba8e4f214481ff16
SSDEEP

6144:syUa7AQnwciHMc4oiT4MKBz3I8JiGxerEhgVIXFM:sf4wcAQVrKi6BerLIX

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  428f02bcb39dd6f73493dd55f55e263e.exe
- Size
  
  416KB
- MD5
  
  428f02bcb39dd6f73493dd55f55e263e
- SHA1
  
  0e0ca90f5559dbfa6d67be821543a0d659b45074
- SHA256
  
  a302bc1bdfa51e0ff8433b56c231a42e5bce39ad47b7346ee8e3c33e359d55d9
- SHA512
  
  c6a7301a9f977eccc8bcdb11311215b481a9dd6b61bfd955ab42b891da715049ce58fccf52dac3c67750bc4e8804f37113664496ff73c318ba8e4f214481ff16
- SSDEEP
  
  6144:syUa7AQnwciHMc4oiT4MKBz3I8JiGxerEhgVIXFM:sf4wcAQVrKi6BerLIX
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer