General

  • Target

    1264-229-0x00000000035B0000-0x00000000036E1000-memory.dmp

  • Size

    1.2MB

  • MD5

    9f5ccc0d82975be1cb13e7924f7df0de

  • SHA1

    9bb1b45a340d616b0cb5c2a979e5d96cd199827a

  • SHA256

    ebcb48de6de64ac2f3cdedd79a822a0646a9e602aaf8434c12f104c2fe4914e9

  • SHA512

    fbb34af45ab2d64af52ed4684d2fa5e230eeefbd241c85fae1e2af6f0f99919180687b18a861ca5aadd5e68f6339cd4b3822b88f4ed5b30ff10d7073c14664e3

  • SSDEEP

    24576:3C7CI9TZDEWk1wCy0zaG9cQAq1ftxmbfYQJZKgmb:7I99DEWVtQAqZmn0j

Score
10/10

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Signatures

  • Detect Fabookie payload (1 IoC)
  • Fabookie family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1264-229-0x00000000035B0000-0x00000000036E1000-memory.dmp
    .dll windows:6 windows x64

