General
Target: A35D2504DBA401C8E94437C954BE3DDD.exe
Size: 376KB
Sample: 210426-n2d9hzqkze
MD5: a35d2504dba401c8e94437c954be3ddd
SHA1: 4471c9d722c885713b5ff9e7c8fb6a6e5445f335
SHA256: 401496db5cb4df2d72b8586fee87a4ff4b1745e8658e58a8fab87d4e7f346666
SHA512: 4de1c8717d49292bd8c3d22627ad15d55c0c37784beb2d32d8c03db4c57c8e4db3e8206937abb0aa98b5055c5b7b8a723c5c15b2ca3e66b51eaae9ac2029dfda
Static task: static1
Behavioral task: behavioral1
Sample: A35D2504DBA401C8E94437C954BE3DDD.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: A35D2504DBA401C8E94437C954BE3DDD.exe
Resource: win10v20210408
Malware Config
Extracted
Family: fickerstealer
C2: sodaandcoke.top:80
Targets
Target: A35D2504DBA401C8E94437C954BE3DDD.exe
Size: 376KB
MD5: a35d2504dba401c8e44437c954be3ddd
SHA1: 4471c9d722c885713b5ff9e7c8fb6a6e5445f335
SHA256: 401496db5cb4df2d72b8586fee87a4ff4b1745e8658e58a8fab87d4e7f346666
SHA512: 4de1c8717d49292bd8c3d22627ad15d55c0c37784beb2d32d8c03db4c57c8e4db3e8206937abb0aa98b5055c5b7b8a723c5c15b2ca3e66b51eaae9ac2029dfda
Score: 10/10
Signatures
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext: setting the thread context of another process is a common step in process hollowing and other code injection, so a sandbox flags it on its own, but it is only conclusive together with the surrounding call sequence.
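The extracted config (C2 at sodaandcoke.top:80) and the behavioural signatures above can be turned into detection logic that runs over an API-call trace. The following is an added example, not part of the sandbox report or of the sample's own analysis: the pipe-separated trace format, the PIDs, the child image, the list of IP-lookup services and the hollowing-chain order are assumptions made here; only the C2 host and port come from the report's extracted config.

```python
"""Turn the report's extracted config and behavioural signatures into detectors.

Added example. The trace format 'pid|api|key=value|...' is hypothetical and
simplified; real sandbox or EDR logs will need their own parser.
"""
import re
from dataclasses import dataclass, field

# Indicator taken directly from the report's extracted config.
C2_HOST, C2_PORT = "sodaandcoke.top", 80

# Assumption, not from the report: well-known external-IP lookup services.
IP_LOOKUP_HOSTS = {"api.ipify.org", "ip-api.com", "icanhazip.com", "ipinfo.io"}

# Registry location the "Checks installed software" signature refers to.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE
)

CREATE_SUSPENDED = 0x00000004  # CreateProcess dwCreationFlags bit


@dataclass
class Call:
    pid: int
    api: str
    args: dict = field(default_factory=dict)


def parse_trace(text):
    """Parse 'pid|api|key=value|...' lines (hypothetical format) into Call objects."""
    calls = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pid, api, *kv = line.split("|")
        calls.append(Call(int(pid), api, dict(item.split("=", 1) for item in kv)))
    return calls


def detect_uninstall_enum(calls):
    """PIDs that open/enumerate the Uninstall key (installed-software discovery)."""
    return {
        c.pid for c in calls
        if c.api.startswith(("RegOpenKey", "RegEnumKey", "RegQueryValue"))
        and UNINSTALL_KEY_RE.search(c.args.get("path", ""))
    }


def detect_ip_lookup(calls):
    """PIDs that resolve or connect to a public external-IP lookup service."""
    return {
        c.pid for c in calls
        if c.api in ("getaddrinfo", "connect")
        and c.args.get("host", "").lower() in IP_LOOKUP_HOSTS
    }


def detect_c2(calls):
    """PIDs that connect to the C2 host:port from the extracted config."""
    return {
        c.pid for c in calls
        if c.api == "connect"
        and c.args.get("host", "").lower() == C2_HOST
        and int(c.args.get("port", -1)) == C2_PORT
    }


def detect_hollowing(calls):
    """Injector PIDs showing the ordered hollowing chain against one child:
    CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext
    -> ResumeThread. A lone SetThreadContext (as the sandbox signature says)
    is only suspicious; the full chain is what makes it actionable."""
    chain = ["WriteProcessMemory", "SetThreadContext", "ResumeThread"]
    stage = {}  # (injector_pid, target_pid) -> index of last chain stage reached
    hits = set()
    for c in calls:
        if c.api.startswith("CreateProcess"):
            if int(c.args.get("flags", "0"), 16) & CREATE_SUSPENDED and "newpid" in c.args:
                stage[(c.pid, int(c.args["newpid"]))] = -1
            continue
        if "target_pid" not in c.args:
            continue
        key = (c.pid, int(c.args["target_pid"]))
        if key in stage and c.api == chain[stage[key] + 1]:
            stage[key] += 1
            if stage[key] == len(chain) - 1:
                hits.add(c.pid)
    return hits


def analyze_trace(text):
    """Run every detector; returns {signature_name: set_of_pids}."""
    calls = parse_trace(text)
    return {
        "uninstall_key_enumeration": detect_uninstall_enum(calls),
        "external_ip_lookup": detect_ip_lookup(calls),
        "c2_contact": detect_c2(calls),
        "process_hollowing": detect_hollowing(calls),
    }


# Constructed trace: PIDs, child image and lookup host are made up; the C2 host
# is the one extracted in the report. PID 5678 shows benign-looking noise.
CONSTRUCTED_TRACE = r"""
1234|CreateProcessW|image=C:\Windows\System32\svchost.exe|flags=0x4|newpid=1300
1234|WriteProcessMemory|target_pid=1300
1234|SetThreadContext|target_pid=1300
1234|ResumeThread|target_pid=1300
1300|RegOpenKeyExW|path=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1300|RegEnumKeyExW|path=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall|index=0
1300|getaddrinfo|host=api.ipify.org
1300|connect|host=api.ipify.org|port=443
1300|connect|host=sodaandcoke.top|port=80
5678|RegOpenKeyExW|path=HKCU\Software\Microsoft\Windows\CurrentVersion\Run
5678|SetThreadContext|target_pid=5678
"""

if __name__ == "__main__":
    for name, pids in analyze_trace(CONSTRUCTED_TRACE).items():
        print(f"{name:28s} {sorted(pids) or '-'}")
```

The hollowing detector deliberately requires the ordered chain per (injector, child) pair rather than alerting on any SetThreadContext, which is why PID 5678's self-targeted call is not reported; the C2 detector matches host and port exactly because the report only gives that one endpoint, so widen it from your own telemetry rather than guessing further infrastructure.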