General
Target: DE11.tmp.exe
Size: 326KB
Sample: 210428-vgxznn6sgx
MD5: 3f80505adbe9e3ca9ac771bb5c5534b4
SHA1: ace9127f27fa7e7ec8b9e0b00d536421fe11a0ca
SHA256: 16dbc40aa9959aef811409bad004175ef135f91f5f57f039444425a44d13e45b
SHA512: 1ea7ea14d26aaefa5345f0165ea154089e7d7617d68923e2713244099f2116d341cb54352f1b6b5ef5e0b2d8c244412113e111954eca707bdb01b16361197217
Static task: static1
Behavioral task: behavioral1
Sample: DE11.tmp.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: DE11.tmp.exe
Resource: win10v20210410
Malware Config
Extracted
fickerstealer
sodaandcoke.top:80
Targets
Target: DE11.tmp.exe
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext