General

  • Target

    e12ce090cea7b036d254a29f3f826555c948099c9074e599199a434965f2a22a

  • Size

    445KB

  • Sample

    220508-sy8f4aagg5

  • MD5

    17df1d92836a3a88aadfc9e1b1eb9f36

  • SHA1

    eb9f1e4f2c715cc5f41306125e97f590eb0ed8bb

  • SHA256

    e12ce090cea7b036d254a29f3f826555c948099c9074e599199a434965f2a22a

  • SHA512

    59e79fc0dd7792a2c664facc5de3b9e80c68f5e29967b4dfc0d5c9dd76e702be11481033e37727b847412c608c5d84909e7a123c8aef72db6c7a5dc642b4693a

Score
10/10

Malware Config

Extracted

Family

fickerstealer

C2

hetooppentyir.com:80

Targets

    • Target

      e12ce090cea7b036d254a29f3f826555c948099c9074e599199a434965f2a22a

    Score
    10/10
    • suricata: ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
