Extracted

• • Target

    642c7333927b2581ffc854f55793677a203788fb55a53e8916ae58d4cd0828f5

  • Size

    5.7MB

  • MD5

    ddd5bb53200e40fc5b34fd7e6448e815

  • SHA1

    0e55418801977101a01d86661b91708dcbeb77a3

  • SHA256

    642c7333927b2581ffc854f55793677a203788fb55a53e8916ae58d4cd0828f5

  • SHA512

    69251a229641307125d41cb15533384b2bea21713d4b78312bba0a9fdcf772fd238ba78f8f99a4f8a4aa031e0177a6319d740213d6176b2f829ca0bd865da823

  Score

  10^/10

  babadedafickerstealercrypterinfostealerloader

  • Babadeda

    Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

    loadercrypterbabadeda

  • Babadeda Crypter

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Executes dropped EXE

  • Loads dropped DLL

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2