fabookie | 917b10b96e02bd63cc7f46d12a7525489f3ab07676df6fa680aa9ac4be6b01bc | Triage

Sharing

General

Target

469b2933fb4c6772b553e596c05835b1.bin
Size

554KB
Sample

231011-3yb31aee86
MD5

cc192ff108027a6bcfb937bf08dca580
SHA1

acdf6e8d8bf8bf755dafd4af7d6401d4bff4bc1a
SHA256

917b10b96e02bd63cc7f46d12a7525489f3ab07676df6fa680aa9ac4be6b01bc
SHA512

d3195419cdd1dae7574a47fbf86c6104a2288bc5c2ce80fe018a7c31d618796fb7505201aa19cbfd3d870da2478134026f307eb5892ea4884d4ad95d38a431f6
SSDEEP

12288:kJhrkv3fmg4HINWVNOPLtwyy9yOwnmAtosYJVs5:4dkv3fmg4ICNOPhJOwnmAtosYLs5

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  05602d349a9f38b6abf8128dc689f6bb9fa73975cf6a1693b683d2bc7dedb298.exe
- Size
  
  860KB
- MD5
  
  469b2933fb4c6772b553e596c05835b1
- SHA1
  
  7f1372922b7e4c2dbcd839be5bf6a7ac8fe1ab86
- SHA256
  
  05602d349a9f38b6abf8128dc689f6bb9fa73975cf6a1693b683d2bc7dedb298
- SHA512
  
  58707700ecee0f50fe413d08b3817fe7d50ccc4fbfabd27862f335473ffb3171ed8c2ce4386418093abf60469f8270c18a365cbf796049e993d5f46aded00b48
- SSDEEP
  
  12288:V0GetS/ITJqrraq/t2qny6xdRhMAK4vcmPEl0Io:fuS/UEn/tUIMGPEl0I
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer