Overview

overview

10

Static

static

3

SecuriteIn...21.exe

windows7-x64

10

SecuriteIn...21.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-01-2024 10:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Trojan.DownLoader45.62336.4021.exe

  • Size

    416KB

  • MD5

    b799142f0247275b950d573fd171fb92

  • SHA1

    7be9070536ab6e85b973590398e7dfff5d4357d9

  • SHA256

    62af2f24a8e53b72b09ff55f94eb0723f491e1bee22fa15b3d938592d391740f

  • SHA512

    4209c0e7e9347ff2a0ac4dcc4fd250ce54b11d29bf30435dd57e94e9ebd32075a66596d983c683a6e935c5ca460a2d52446978e391252851137d54668d867cb2

  • SSDEEP

    6144:vyoFqDQLwcoEHMBoiT4MKBz3I8J/GxerEhgVIXFM:vHpUcoaCVrKi66erLIX

Score
10/10
fabookiespywarestealer

Malware Config

Signatures

  • Detect Fabookie payload 2 IoCs
  • Fabookie

    Fabookie is facebook account info stealer.

    spywarestealerfabookie
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.DownLoader45.62336.4021.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.DownLoader45.62336.4021.exe"
    1⤵
      PID:4960

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4960-0-0x00007FF6A13C0000-0x00007FF6A142A000-memory.dmp

      Filesize

      424KB

      Download

    • memory/4960-11-0x00000000031A0000-0x00000000032A8000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/4960-12-0x00000000033E0000-0x0000000003508000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/4960-15-0x00000000033E0000-0x0000000003508000-memory.dmp

      Filesize

      1.2MB

      Download