fabookie | b23319a38a563625b6b6b4ea64d9608882011626aab8f59ff313be46f522278e | Triage

Sharing

General

Target

file.exe
Size

636KB
Sample

231012-chxfwshf6s
MD5

c101e54fcffce8ffa74cb00232a8aed2
SHA1

a3a1c6fd8cf090094830a7cf319dad0be666d36c
SHA256

b23319a38a563625b6b6b4ea64d9608882011626aab8f59ff313be46f522278e
SHA512

e43bd7795735f9272af68bd1420eebe391ef7d20221a51ad9f21ed56abd817b466a255dcad4eaa5cbf6070e6572ef0f57ac486bc699d634df02990b6a5f19b21
SSDEEP

6144:JfIJs1RHFDIOFkzJwz9OhcHQU8rATKbGHbI0/tGKP15Vuc7GHbI0/tGKP15Vuc1h:dYmctcH5049Duca049Duc1y6

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  file.exe
- Size
  
  636KB
- MD5
  
  c101e54fcffce8ffa74cb00232a8aed2
- SHA1
  
  a3a1c6fd8cf090094830a7cf319dad0be666d36c
- SHA256
  
  b23319a38a563625b6b6b4ea64d9608882011626aab8f59ff313be46f522278e
- SHA512
  
  e43bd7795735f9272af68bd1420eebe391ef7d20221a51ad9f21ed56abd817b466a255dcad4eaa5cbf6070e6572ef0f57ac486bc699d634df02990b6a5f19b21
- SSDEEP
  
  6144:JfIJs1RHFDIOFkzJwz9OhcHQU8rATKbGHbI0/tGKP15Vuc7GHbI0/tGKP15Vuc1h:dYmctcH5049Duca049Duc1y6
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer