General
-
Target
2a99cf8cc0252a9e972c5a93609bd0b3ba5800338503a05595e39682da47464d
-
Size
219KB
-
Sample
220508-ccyf1afbfm
-
MD5
6512ebe7b578ae11b38cce8957de8d7b
-
SHA1
09f64707ad7b52e7040e61dd494c545052eeb484
-
SHA256
2a99cf8cc0252a9e972c5a93609bd0b3ba5800338503a05595e39682da47464d
-
SHA512
f8b78d5095f33c3992e05dd2845b36061a9cbccb41cdcfeb5a62a659b810693737b224a5b3edccfd316b6dccf3ac1e768e7bc1850f6a696597485a1ba6b97f66
Static task
static1
Behavioral task
behavioral1
Sample
2a99cf8cc0252a9e972c5a93609bd0b3ba5800338503a05595e39682da47464d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2a99cf8cc0252a9e972c5a93609bd0b3ba5800338503a05595e39682da47464d.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
fickerstealer
gavrik.club:80
Targets
-
-
Target
2a99cf8cc0252a9e972c5a93609bd0b3ba5800338503a05595e39682da47464d
-
Size
219KB
-
MD5
6512ebe7b578ae11b38cce8957de8d7b
-
SHA1
09f64707ad7b52e7040e61dd494c545052eeb484
-
SHA256
2a99cf8cc0252a9e972c5a93609bd0b3ba5800338503a05595e39682da47464d
-
SHA512
f8b78d5095f33c3992e05dd2845b36061a9cbccb41cdcfeb5a62a659b810693737b224a5b3edccfd316b6dccf3ac1e768e7bc1850f6a696597485a1ba6b97f66
Score10/10-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-