fabookie | 837b799d00063dbdf6938b9ace95000db6dbe67a9a790f487d45b766de9bdb5b | Triage

Sharing

General

Target

7f65a6c3980e34e815a8a74420b12cb88ef2abc58e6b91c2026e96ffe5709d41
Size

344KB
Sample

231011-lxd3jafb9y
MD5

b4e941aacfc0e24d7ef8174f72bffc1e
SHA1

90f4382ed4dedceb870f04da72302ec63265bfcb
SHA256

837b799d00063dbdf6938b9ace95000db6dbe67a9a790f487d45b766de9bdb5b
SHA512

c230f99dd258ca5802b0020cbe82aea0046c907e88ec480fdaab5a02972a15f93c8d09036aad06f8a07597fec39ab6fd2a7c3c0029eef2a3108dc8460c59a3d8
SSDEEP

6144:GGy6RhKyBcjX5BBumK04oqAh0mKCtQZFJUU9EA/LKtqkDSGl+xRmPqP:GGy6RhKyKjpx4ox0mp8/UUjD6+eUP

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  7f65a6c3980e34e815a8a74420b12cb88ef2abc58e6b91c2026e96ffe5709d41
- Size
  
  636KB
- MD5
  
  916abe7da167424883e61d39dfbe165a
- SHA1
  
  e789ebc67fb3de4d9b2bd67edddf36157d2c92aa
- SHA256
  
  7f65a6c3980e34e815a8a74420b12cb88ef2abc58e6b91c2026e96ffe5709d41
- SHA512
  
  3251d32889a7b0fba76c9a8e1907a0a245c63ebfd35a5669b87c8123972c2ec9e88ecd0a57d1c3a0f4c5abd6337384e2d90238f54320e180015f6243500719b0
- SSDEEP
  
  6144:MfIWs1kdFDIZQkzJwz9OhcHQU8rATKbGHbI0/tGKP15Vuc7GHbI0/tGKP15Vuc1h:ubfWtcH5049Duca049Duc1y6
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer