fabookie | 6b93e49d0b458ff7424f0e0cb919aef953464e2ebdae09c82286e2a665b2384b | Triage

Sharing

General

Target

NEAS.83330cf6e88ad32365183f31b1fd3bdabin_JC.zip
Size

177KB
Sample

231007-px46haef29
MD5

cf6fbe9f4f13b0370ffb359c8d1d4285
SHA1

b9cc300d645b7415cd2adedcbe6652e060140c8c
SHA256

6b93e49d0b458ff7424f0e0cb919aef953464e2ebdae09c82286e2a665b2384b
SHA512

ca59b305b67ee5dd5c67624562ce48ad4f9ef920d9f8a60efbbe7b3ac7d6ec2ea1804ffdba0a3cba972a5952042885cb8dd3ab1ca81cb41157456b5f4b7524ba
SSDEEP

3072:yLPHEN8ACxuaH49xht0bTRsKm/SVMsnH1Xu00vQbieWyAZBjPqe+CByjD:yL8OACJY9xhtYTRVmT4XwQbippBjPvBk

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  7ce942cdc58ba5fa628d97f991c8a794294c2acfb724efbf0ac887c47942a31e.exe
- Size
  
  416KB
- MD5
  
  83330cf6e88ad32365183f31b1fd3bda
- SHA1
  
  1c5b47be2b8713746de64b39390636a81626d264
- SHA256
  
  7ce942cdc58ba5fa628d97f991c8a794294c2acfb724efbf0ac887c47942a31e
- SHA512
  
  e28a9c47f690b0b0f0dd3b946d9cd59c761803f3826a382208a5b92be1293067b37a39f1141ddda13247b96138a108ce2f85b83de0143d48d4acc94f69a11908
- SSDEEP
  
  6144:syUa7AQnwciHMc4oiT4MKBz3I8JKGxerEhgVIXFM:sf4wcAQVrKi65erLIX
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer