General

  • Target

    7f65a6c3980e34e815a8a74420b12cb88ef2abc58e6b91c2026e96ffe5709d41

  • Size

    344KB

  • Sample

    231011-lw7cpahc57

  • MD5

    20b3bf79dd2d64d401f273ee36a570c7

  • SHA1

    f385973fd2df00fb62f0e6a19a06facdb5ccf4bf

  • SHA256

    dac122481772efd8795055c56243be891b4cf390f51cdd2999d8c3114ffe5825

  • SHA512

    88872f27c6585b8fab1b8a38a715c0a23898bacfae3d677f183da900559d51343a3dad64a58bdf664daf2426e5bbf0a0e9faf20db07eb9b141a97b0fe41086ce

  • SSDEEP

    6144:EGy6RhKyBcjX5BBumK04oqAh0mKCtQZFJUU9EA/LKtqkDSGl+xRmPqh:EGy6RhKyKjpx4ox0mp8/UUjD6+eUh

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

    • Target

      7f65a6c3980e34e815a8a74420b12cb88ef2abc58e6b91c2026e96ffe5709d41

    • Size

      636KB

    • MD5

      916abe7da167424883e61d39dfbe165a

    • SHA1

      e789ebc67fb3de4d9b2bd67edddf36157d2c92aa

    • SHA256

      7f65a6c3980e34e815a8a74420b12cb88ef2abc58e6b91c2026e96ffe5709d41

    • SHA512

      3251d32889a7b0fba76c9a8e1907a0a245c63ebfd35a5669b87c8123972c2ec9e88ecd0a57d1c3a0f4c5abd6337384e2d90238f54320e180015f6243500719b0

    • SSDEEP

      6144:MfIWs1kdFDIZQkzJwz9OhcHQU8rATKbGHbI0/tGKP15Vuc7GHbI0/tGKP15Vuc1h:ubfWtcH5049Duca049Duc1y6

    • Detect Fabookie payload

    • Fabookie

      Fabookie is a Facebook account info stealer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
