fabookie | 892644435c434079e3480917019ebb6bba308377582aca0951617340f7621d18 | Triage

Sharing

General

Target

file.exe
Size

715KB
Sample

231011-nlvl9adh72
MD5

51ceadf4bccf5ab2b982aa9eff0aef98
SHA1

2c0ee90e0a13cb805a0dd0911f54a3031f57fc5c
SHA256

892644435c434079e3480917019ebb6bba308377582aca0951617340f7621d18
SHA512

9082f69881ea7ce5816e876e841261cbf37deedd9972c8615f4444aff83850cfa4f7bd7f7b87f26cc61dd559a3f6f09440bb6e45cd362caed67fadaf5c396260
SSDEEP

6144:XA01NdPuvxQWrSYYaER7ifbiERxQ7cUBmCUiJbc77ZvfuYuEdGxTC2JWf7xLUnwa:Xd25QWWqfb0ShtdGxTC2n5JL

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  file.exe
- Size
  
  715KB
- MD5
  
  51ceadf4bccf5ab2b982aa9eff0aef98
- SHA1
  
  2c0ee90e0a13cb805a0dd0911f54a3031f57fc5c
- SHA256
  
  892644435c434079e3480917019ebb6bba308377582aca0951617340f7621d18
- SHA512
  
  9082f69881ea7ce5816e876e841261cbf37deedd9972c8615f4444aff83850cfa4f7bd7f7b87f26cc61dd559a3f6f09440bb6e45cd362caed67fadaf5c396260
- SSDEEP
  
  6144:XA01NdPuvxQWrSYYaER7ifbiERxQ7cUBmCUiJbc77ZvfuYuEdGxTC2JWf7xLUnwa:Xd25QWWqfb0ShtdGxTC2n5JL
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2