fabookie | 6c321d51e03f703cafa3fb12d2a5130744aef6dd90c60aceb2572758e3ce2441 | Triage

Sharing

General

Target

6c321d51e03f703cafa3fb12d2a5130744aef6dd90c60aceb2572758e3ce2441_JC.exe
Size

420KB
Sample

231011-nfn8aabc7x
MD5

541edbae8caee4137d3fd749c8faa027
SHA1

ed1178ff1393b2598c5f1e40eb863962bc6c626b
SHA256

6c321d51e03f703cafa3fb12d2a5130744aef6dd90c60aceb2572758e3ce2441
SHA512

616a0e8cdee018e5aac996872458034c8f9cd578766436e5031c304fca955fa1c5ac19b6c3d5d7278b61cdb6b7017bcb53298c8aea1176ff4f4bb3783f2435e1
SSDEEP

6144:ulX73J3gYx1K4iIfO9rDDW84t0+eoJAbB3T+cbJp:a3JwYHKGq/S0+5cCIJp

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  6c321d51e03f703cafa3fb12d2a5130744aef6dd90c60aceb2572758e3ce2441_JC.exe
- Size
  
  420KB
- MD5
  
  541edbae8caee4137d3fd749c8faa027
- SHA1
  
  ed1178ff1393b2598c5f1e40eb863962bc6c626b
- SHA256
  
  6c321d51e03f703cafa3fb12d2a5130744aef6dd90c60aceb2572758e3ce2441
- SHA512
  
  616a0e8cdee018e5aac996872458034c8f9cd578766436e5031c304fca955fa1c5ac19b6c3d5d7278b61cdb6b7017bcb53298c8aea1176ff4f4bb3783f2435e1
- SSDEEP
  
  6144:ulX73J3gYx1K4iIfO9rDDW84t0+eoJAbB3T+cbJp:a3JwYHKGq/S0+5cCIJp
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2