fabookie | 7b3fcc571bd044954ca0d0276f9b8937fd17bbac425522f74dbc6c45f6ba16c4 | Triage

Sharing

General

Target

f9de699aea1d491fde2316a44ed30baf.bin
Size

177KB
Sample

231101-c2rdzshc6y
MD5

3e2023114e59dfac2f937af466245fd9
SHA1

06fe51b77289a93916dc028c9c2c1628d7455400
SHA256

7b3fcc571bd044954ca0d0276f9b8937fd17bbac425522f74dbc6c45f6ba16c4
SHA512

c5ec6392aed9be079bd9f1d745b9dc462fbae86e902442bf12de16dc1f94653126a518e5ebb1027ddd9e6bdd7fa3d919e9b0854b1f597175a338849daa43071f
SSDEEP

3072:BzL9U/QOAK0kh3rxfisFJBrQM0GEW2dYEGIn4cmiJmJF8qSBKaSmk0a/r832qkS:BzL9jK5h3NigxQM9CwAE8SaSl0m43hz

Score

10^/10

fabookie spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  6a6ec3bdeb4b01c7c1abdab5809ea290487c31010786f81ff64b6152a48274dd.exe
- Size
  
  416KB
- MD5
  
  f9de699aea1d491fde2316a44ed30baf
- SHA1
  
  844316c2ca866eb93bd48803c9b94ba63015dceb
- SHA256
  
  6a6ec3bdeb4b01c7c1abdab5809ea290487c31010786f81ff64b6152a48274dd
- SHA512
  
  2aa9735e2abcd48006a8789c6ba19737f125d9c0c53e2e40c4db75a4a0fe0e7684025b43c940b2cb4d78c58d669dec8fcce239d7299bbaaf24bf18fb7d5d8f7a
- SSDEEP
  
  6144:syUa7AQnwciHMc4oiT4MKBz3I8JUGxerEhgVIXFM:sf4wcAQVrKi6berLIX
Score

10^/10

fabookie spyware stealer
- Detect Fabookie payload
- Fabookie
  Fabookie is facebook account info stealer.
  spyware stealer fabookie
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fabookiespywarestealer

behavioral2

fabookiespywarestealer