Overview

overview

10

Static

static

7

Resource.exe

windows7-x64

10

Resource.exe

windows10-2004-x64

10

Resource.exe

windows10-ltsc 2021-x64

10

Resource.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Resource.exe

  • Size

    3.5MB

  • Sample

    241208-3yh7ba1lfm

  • MD5

    10a8375392ad7ff460dbc07a627f9259

  • SHA1

    96a5c4480a44840e4a7562afd31171f069fbc3e3

  • SHA256

    96e2e8605a3db028029fa462712808db69520573b7a940990f5afa1a65910e46

  • SHA512

    089f12390b182e83c775adb973275a0dff0c69c9ea6074c25638e7069ae28911fc060491fa34d6202dfa8400e718aa81dce65530f34e110aff17fbc86c07247a

  • SSDEEP

    98304:4mLEmqged7HbxPUimRNilkibvyq/Ta5DLUfd:4mL3QfOimRkkiRau1

Score
10/10
fabookiespywarestealervmprotect

Malware Config

Targets

    • Target

      Resource.exe

    • Size

      3.5MB

    • MD5

      10a8375392ad7ff460dbc07a627f9259

    • SHA1

      96a5c4480a44840e4a7562afd31171f069fbc3e3

    • SHA256

      96e2e8605a3db028029fa462712808db69520573b7a940990f5afa1a65910e46

    • SHA512

      089f12390b182e83c775adb973275a0dff0c69c9ea6074c25638e7069ae28911fc060491fa34d6202dfa8400e718aa81dce65530f34e110aff17fbc86c07247a

    • SSDEEP

      98304:4mLEmqged7HbxPUimRNilkibvyq/Ta5DLUfd:4mL3QfOimRkkiRau1

    Score
    10/10
    fabookiespywarestealervmprotect

    • Detect Fabookie payload

    • Fabookie

      Fabookie is facebook account info stealer.

      spywarestealerfabookie

    • Fabookie family

      fabookie

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks