General
-
Target
18d546564353cbf11d9e2c0f74cdd19bf6535eb01c691ec466e0354045f226a0
-
Size
973KB
-
Sample
231103-xpdycagg7v
-
MD5
b3e7d6c561c510168048cb656a3c7fa6
-
SHA1
715ce0de0a99feebd7f0bc9daa9c728188e19cb7
-
SHA256
18d546564353cbf11d9e2c0f74cdd19bf6535eb01c691ec466e0354045f226a0
-
SHA512
dbe65f0d47a9b64cf765cbca171647553aa56fcdbaa083b4b16599d1a85334ff3f7130392850e2eb524eab3f0260a141414ab03df6e9bc6a4ec55215dfb7bda2
-
SSDEEP
24576:5YCFCdoKbl2cVdrAXIwK3+X5TNkdBAnlXG6+Z1mbX:nsbl2cVdrKIX+XXkUlXF+Z1I
Malware Config
Targets
-
-
Target
18d546564353cbf11d9e2c0f74cdd19bf6535eb01c691ec466e0354045f226a0
-
Size
973KB
-
MD5
b3e7d6c561c510168048cb656a3c7fa6
-
SHA1
715ce0de0a99feebd7f0bc9daa9c728188e19cb7
-
SHA256
18d546564353cbf11d9e2c0f74cdd19bf6535eb01c691ec466e0354045f226a0
-
SHA512
dbe65f0d47a9b64cf765cbca171647553aa56fcdbaa083b4b16599d1a85334ff3f7130392850e2eb524eab3f0260a141414ab03df6e9bc6a4ec55215dfb7bda2
-
SSDEEP
24576:5YCFCdoKbl2cVdrAXIwK3+X5TNkdBAnlXG6+Z1mbX:nsbl2cVdrKIX+XXkUlXF+Z1I
Score10/10-
Detect Fabookie payload
-
Fabookie
Fabookie is facebook account info stealer.
-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-