fickerstealer | a3087f89fde08c1c5c69dd52168abf42d64658abc53d3c094bb886b9942d2f8f | Triage

Submit
Reports

Overview

overview

Static

static

0b54101741...ff.exe

windows7_x64

0b54101741...ff.exe

windows10_x64

Sharing

General

Target

0b5410174129f6dbf798c41730efe2ff.exe
Size

284KB
Sample

210329-567peeqmj6
MD5

0b5410174129f6dbf798c41730efe2ff
SHA1

5a121c20e0b230fb2408286aca5eca9193f62be4
SHA256

a3087f89fde08c1c5c69dd52168abf42d64658abc53d3c094bb886b9942d2f8f
SHA512

2af6619d968b8c875d3f41a403a1d4a543827ece6e26056e9f57c5b5aab041195a7bfca39cfb9e05cd881530810fbb1d4f22ce6b3b79058fe9fc422c148590f0

Score

10^/10

fickerstealer infostealer

Static task

static1

Behavioral task

behavioral1

Sample

0b5410174129f6dbf798c41730efe2ff.exe

Resource

win7v20201028

fickerstealer infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0b5410174129f6dbf798c41730efe2ff.exe

Resource

win10v20201028

fickerstealer infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

fickerstealer

C2

lukkeze.space:80

Targets

- Target
  
  0b5410174129f6dbf798c41730efe2ff.exe
- Size
  
  284KB
- MD5
  
  0b5410174129f6dbf798c41730efe2ff
- SHA1
  
  5a121c20e0b230fb2408286aca5eca9193f62be4
- SHA256
  
  a3087f89fde08c1c5c69dd52168abf42d64658abc53d3c094bb886b9942d2f8f
- SHA512
  
  2af6619d968b8c875d3f41a403a1d4a543827ece6e26056e9f57c5b5aab041195a7bfca39cfb9e05cd881530810fbb1d4f22ce6b3b79058fe9fc422c148590f0
Score

10^/10

fickerstealer infostealer
- fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

fickerstealerinfostealer

behavioral2

fickerstealerinfostealer

© 2018-2024

Terms | Privacy