fabookie | b9e487130cbb85c9e74cb56f2305621595de918bf921bf6d97190cf2d8498767 | Triage

Sharing

General

Target

2273152b5565d0d47b6c59cb5099dc76.bin
Size

147KB
Sample

231013-ezc5paff73
MD5

d4b64bda2e084d53854794781d37787a
SHA1

4424462915b3df0b98a52bb02f76d8c56b38bd9d
SHA256

b9e487130cbb85c9e74cb56f2305621595de918bf921bf6d97190cf2d8498767
SHA512

f95a4b128944d21ccafb5506eb0c50fb60034ce55124c302b4851f788069bf5b48ceacebdb224aad5fa752a3805f3621616bbebef2768c23d8f4fa118fc06275
SSDEEP

3072:uccZRpWBzI4Z0L0JsuFlGoAd1UBgxWRKNG9spabmz1DZKM56:/cKE4uLG/GndrWR39sQeZKO6

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  4389fc9e95b214ac7cf515931ae9153450bcd4ccd7b7bad6a498da723ad602af.exe
- Size
  
  334KB
- MD5
  
  2273152b5565d0d47b6c59cb5099dc76
- SHA1
  
  9d07cd1365117a602b696fe15d0e49b7cb5322b8
- SHA256
  
  4389fc9e95b214ac7cf515931ae9153450bcd4ccd7b7bad6a498da723ad602af
- SHA512
  
  1d8f6cb90f54554027436b34eba07833bd4dda01b1b3f3321ac13ae3d842cdecabcb8ee7e3692f992f1d81d51ef8762204ef3c61d616d6eefbcec12c633e670b
- SSDEEP
  
  6144:zFH8RIT6Fam1StJ3rXDW49Vl7SkDHPiaODgKYleQ4S4P:zWdGXDzP7aMAP
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer