fabookie | 21416ee3e5307d8ffb7eab7d8c7bc0efe2b76c269efd69a14ff10c77f05bf9cf | Triage

Sharing

General

Target

7a6ace94bb9d92d33f2aafdc3799d2ce.bin
Size

147KB
Sample

231013-etpxasde9y
MD5

062ed19c2e8087908b0ae218475e6137
SHA1

1254681d9490f2351d69fb359be8589bd200848b
SHA256

21416ee3e5307d8ffb7eab7d8c7bc0efe2b76c269efd69a14ff10c77f05bf9cf
SHA512

515dbbac99fee3f53da5ecbfd29bf9fb10c5f2f67e0ccb934ab384c5c9fdaa001fb91b8d19daa1d1dc7dddb2a8dcb5e542ac8972f27d90d582c6f8d4fee7d8b7
SSDEEP

3072:6arQYZgVEYr/yjK4IEyGKY6q/yIVo3ZJfooCeaConchosH:x38jkKAyGLZ/VVo3BSPy

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  b07054c987d03e105bf0c826cd0463a01b6565d8fcf4559e6a360bfca713e683.exe
- Size
  
  334KB
- MD5
  
  7a6ace94bb9d92d33f2aafdc3799d2ce
- SHA1
  
  45d5abb2c85f2e3994870b0b745b11ead13fd85f
- SHA256
  
  b07054c987d03e105bf0c826cd0463a01b6565d8fcf4559e6a360bfca713e683
- SHA512
  
  3b65dd219b6e557e8e8526ac847662485043e673e77cb4b5589f3343402bdcfda694a747ef98afe40484a69f1e37672f23299aef5378049a1c2bc0230fdd9ae3
- SSDEEP
  
  6144:zFH8RIT6Fam1StJ3rXDW49Vl7SkDHPiaODgKYleQ4SsP:zWdGXDzP7aMEP
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer