Overview

overview

10

Static

static

3

SecuriteIn...93.exe

windows7-x64

10

SecuriteIn...93.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-01-2024 13:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Trojan.DownLoader45.60905.17111.7293.exe

  • Size

    298KB

  • MD5

    0b941f1bb25e443be09efec27f807341

  • SHA1

    2b30cebcfaa3f71d37755a7ffa5afb9184fc5a26

  • SHA256

    7cd7e631e7729dca4ffb4099dc22e95f625ae1ed79ba61a1330bba6072c8ce34

  • SHA512

    678514cb22e5adbaadfb003a618528c586b8b33adc37aadd11ab1c6d7b9afb7801e66347e722d803635e030cc6e4900ff65bcd5bbcb0a0479d14b5be99f7b75e

  • SSDEEP

    6144:k7F5GxMr+PtCE2kWCZ3j9Z0CINiNZpxyN90vE:4FYxMqAEVBkCIWBy90

Score
10/10
fabookiespywarestealer

Malware Config

Signatures

  • Detect Fabookie payload 2 IoCs
  • Fabookie

    Fabookie is facebook account info stealer.

    spywarestealerfabookie
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.DownLoader45.60905.17111.7293.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.DownLoader45.60905.17111.7293.exe"
    1⤵
      PID:2640

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2640-0-0x00007FF7864A0000-0x00007FF7864EE000-memory.dmp

      Filesize

      312KB

      Download

    • memory/2640-9-0x0000000002E40000-0x0000000002F48000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/2640-10-0x0000000003080000-0x00000000031A8000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/2640-13-0x0000000003080000-0x00000000031A8000-memory.dmp

      Filesize

      1.2MB

      Download