General
-
Target
a29fba4bd638c25716e64580f929358961064a32644970bc8e0bcca3ca814b1a
-
Size
220KB
-
Sample
220507-27gjeahfa8
-
MD5
625923a8450e9e451007807434d73700
-
SHA1
95951876a44ad983772629b4ee6154a7fc5a02d2
-
SHA256
a29fba4bd638c25716e64580f929358961064a32644970bc8e0bcca3ca814b1a
-
SHA512
30ba9104339135dc2fbbbf1070c97ed813ef1bc4b4a03f388c6bce64d4f764eef9ad4e443cc8c7f6db93eab8b1d0d0c9e44f68c89428ad6bbfc4d3afcd12b4ca
Static task
static1
Behavioral task
behavioral1
Sample
a29fba4bd638c25716e64580f929358961064a32644970bc8e0bcca3ca814b1a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
a29fba4bd638c25716e64580f929358961064a32644970bc8e0bcca3ca814b1a.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
fickerstealer
gzgbnserv639.xyz:80
Targets
-
-
Target
a29fba4bd638c25716e64580f929358961064a32644970bc8e0bcca3ca814b1a
-
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-