fabookie | 1e66b2be5db88b262f560a35db097484303bc3e346f8e3a12aff51481497d049 | Triage

Sharing

General

Target

51ceadf4bccf5ab2b982aa9eff0aef98.bin
Size

288KB
Sample

231011-jfm8rsca52
MD5

5c3a1daa15582c2fe818ed37f8806b24
SHA1

c90af4b94cc6542fe189a577e1c40f4d9a45d7c6
SHA256

1e66b2be5db88b262f560a35db097484303bc3e346f8e3a12aff51481497d049
SHA512

71ac18f5a9247aa35bf1e0dd2234e364bada5f1c272fb92dd04432343439a0787c7825d5009bd61f4ba2dbce5efdd6dc810721ea04ad4cacad07cd2815c4624a
SSDEEP

6144:7+0NR7IFL19Qow5Spthcsr9YXQ9NQNbmyLqPz5u7G:hC9QsL8XQYmyL4E6

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  892644435c434079e3480917019ebb6bba308377582aca0951617340f7621d18.exe
- Size
  
  715KB
- MD5
  
  51ceadf4bccf5ab2b982aa9eff0aef98
- SHA1
  
  2c0ee90e0a13cb805a0dd0911f54a3031f57fc5c
- SHA256
  
  892644435c434079e3480917019ebb6bba308377582aca0951617340f7621d18
- SHA512
  
  9082f69881ea7ce5816e876e841261cbf37deedd9972c8615f4444aff83850cfa4f7bd7f7b87f26cc61dd559a3f6f09440bb6e45cd362caed67fadaf5c396260
- SSDEEP
  
  6144:XA01NdPuvxQWrSYYaER7ifbiERxQ7cUBmCUiJbc77ZvfuYuEdGxTC2JWf7xLUnwa:Xd25QWWqfb0ShtdGxTC2n5JL
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2