General

  • Target

    325ab56e36fa5fd057bf56ae6890591b48a806236935fd251ef1cea58e65b6d6

  • Size

    344KB

  • Sample

    231011-lw94kshc67

  • MD5

    a51432e78e5ad07cd9d474f83199b37a

  • SHA1

    5e10f7bb2c9f908050dca86aa8c49ad6cb460fbe

  • SHA256

    bf3caedc09e30bae5b3b42f992ec2e263b8c4aede5d5c5e927a33e8e1d5b8456

  • SHA512

    a52bb685661dd774f042de668a27d2870a44b3b0aba15cccc40611c67a8786370d8b482d1ed58b959ff6d42de23732d439203279b4b00381159e30a975bfea67

  • SSDEEP

    6144:jGy6RhKyBc8V1Xnz7wIsw0h5rNd5ef2svy4dISEH0sxxYCfKYRgVU8fr5rPo:jGy6RhKyK8HnuzfsBsEusVUar58

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

    • Target

      325ab56e36fa5fd057bf56ae6890591b48a806236935fd251ef1cea58e65b6d6

    • Size

      636KB

    • MD5

      41fb4f5c9f38d701bb0395fb2b414e65

    • SHA1

      24482ba1cc09115191b312fce8f7b73e0439e65d

    • SHA256

      325ab56e36fa5fd057bf56ae6890591b48a806236935fd251ef1cea58e65b6d6

    • SHA512

      7fb38dbea5f8efa450fedb23203824090cc21647eea3855c993ad865d605845dd76e218d15ba3e3e569018b6416c3f39501dd039ca7f2bffa5e3274baeac678a

    • SSDEEP

      6144:MfIWs1kdFDIZakzJwz9OhcHQU8rATKbGHbI0/tGKP15Vuc7GHbI0/tGKP15Vuc1h:ubfQtcH5049Duca049Duc1y6

    • Detect Fabookie payload

    • Fabookie

      Fabookie is a Facebook account info stealer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

MITRE ATT&CK Enterprise v15

Tasks