fabookie | 636ee30a359c26e082c2418b22220ee358efe404db799e27d981bea2b19837bf | Triage

Sharing

General

Target

PE.#462cc
Size

1.2MB
Sample

240125-s8bj4saac4
MD5

355ed7b82bc753a4e0325451108b3ac7
SHA1

5fbf27267ccd8f1a4bb10a233daf8173a9f8c50e
SHA256

636ee30a359c26e082c2418b22220ee358efe404db799e27d981bea2b19837bf
SHA512

de153c490cefcb1347985a6a7e7a2f4e374562203e1ec15f4ed728fd106a9fb8c5d979b320949a3669546d834db83f031e54083ea6e6ba9ba3ced632f652f870
SSDEEP

24576:3C7CI9TZDEWk1wCy0zaG9cQAH1ftxmbfYQJZKaz+:7I99DEWVtQAHZmn0U

Score

10^/10

fabookie kinsing loader spyware stealer

Malware Config

Extracted

Family

fabookie

C2

http://app.nnnaajjjgc.com/check/safe

Targets

- Target
  
  PE.#462cc
- Size
  
  1.2MB
- MD5
  
  355ed7b82bc753a4e0325451108b3ac7
- SHA1
  
  5fbf27267ccd8f1a4bb10a233daf8173a9f8c50e
- SHA256
  
  636ee30a359c26e082c2418b22220ee358efe404db799e27d981bea2b19837bf
- SHA512
  
  de153c490cefcb1347985a6a7e7a2f4e374562203e1ec15f4ed728fd106a9fb8c5d979b320949a3669546d834db83f031e54083ea6e6ba9ba3ced632f652f870
- SSDEEP
  
  24576:3C7CI9TZDEWk1wCy0zaG9cQAH1ftxmbfYQJZKaz+:7I99DEWVtQAHZmn0U
Score

10^/10

spyware stealer kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderspywarestealer