fakecheck | 39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a | Triage

Sharing

General

Target

39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a
Size

8KB
Sample

240419-w6g6nacb58
MD5

781f3c2cc1cbc7ef8eef255430698ecc
SHA1

be77f9801f0d33a4c77a40e23a26adfa96046c5c
SHA256

39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a
SHA512

6d2b8ff58bad8465caee5c0144c43365697d87711b32a2ee8753ccdb9094b74495718b6c71fec9d755aecf4a03b86b68a54659887acf5222da1bc293e1cc6a8e
SSDEEP

192:cDoLRCMEwtFgmwuY4msVUoWzW19vzX7RO4DiPuw8mC:zndPgmwuLh6oWgxjVbG2wA

Score

10^/10

fakecheck rat spyware stealer

Malware Config

Extracted

Family

fakecheck

C2

https://tosals.ink/uEH5J.html

Targets

- Target
  
  012063e0b7b4f7f3ce50574797112f95492772a9b75fc3d0934a91cc60faa240
- Size
  
  17KB
- MD5
  
  150e53a8c852ac5f23f47aceef452542
- SHA1
  
  a6b272f822b6205526ba56eee936afae1e695b0e
- SHA256
  
  012063e0b7b4f7f3ce50574797112f95492772a9b75fc3d0934a91cc60faa240
- SHA512
  
  acf3b6877d695943208b049566e253cbd822f364e8e161b0f06963aad2d07d0cf9f7314801eebcfa021a11284b313a0ed2688bf03dc82ff0120fdb03bc11a3ba
- SSDEEP
  
  384:Kz+m1kuPZXHcaYbT1AnoKRiwWy8PG8Xj6r:KzrOeZXHYbxcPRixy8e8XjS
Score

10^/10

fakecheck rat spyware stealer
- FakeCheck
  FakeCheck is remote access trojan written in C#.
  rat fakecheck
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fakecheckratspywarestealer

behavioral2

fakecheckratspywarestealer