fabookie | 9d35a2153846ecea71060d69014279cb526f8b432913d02759c5023a81c62d59 | Triage

Sharing

General

Target

5fc5f085acfa0071db7d7ecaca696650_JaffaCakes118
Size

1.3MB
Sample

240331-2awbasec42
MD5

5fc5f085acfa0071db7d7ecaca696650
SHA1

a756cd5b994f5afe33a4692352bae57a9f5313a3
SHA256

9d35a2153846ecea71060d69014279cb526f8b432913d02759c5023a81c62d59
SHA512

83c46365757b7f17f97409c2b8c55ab2bdb548b58ae5472d17568a0d2caa3d37f11e8e99d756043ca8e359b788394d92d7c6f98145d0f8c18fcd4fd1839d7be9
SSDEEP

24576:nkg6rJg7+sAKWHUUuxRfAmBJOQEhP4v4qLq/nbFtU+a1Svk7t:nulgSsAtHUdTzOQoP0Lq/xh9vkZ

Score

10^/10

fabookie spyware stealer

Malware Config

Targets

- Target
  
  5fc5f085acfa0071db7d7ecaca696650_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  5fc5f085acfa0071db7d7ecaca696650
- SHA1
  
  a756cd5b994f5afe33a4692352bae57a9f5313a3
- SHA256
  
  9d35a2153846ecea71060d69014279cb526f8b432913d02759c5023a81c62d59
- SHA512
  
  83c46365757b7f17f97409c2b8c55ab2bdb548b58ae5472d17568a0d2caa3d37f11e8e99d756043ca8e359b788394d92d7c6f98145d0f8c18fcd4fd1839d7be9
- SSDEEP
  
  24576:nkg6rJg7+sAKWHUUuxRfAmBJOQEhP4v4qLq/nbFtU+a1Svk7t:nulgSsAtHUdTzOQoP0Lq/xh9vkZ
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2