General
-
Target
44c2a6e2123242c6330d3788889cf5216fb71ce0ff2a4823590342e8d3a347f6
-
Size
254KB
-
Sample
220508-t3qmhscdc2
-
MD5
340d6a908fec5ec76341d3daf81860ca
-
SHA1
c7477aab8e5181b5368ab0d16313a0162cdcda2c
-
SHA256
44c2a6e2123242c6330d3788889cf5216fb71ce0ff2a4823590342e8d3a347f6
-
SHA512
007254116e2e2fffb572d3d488c9e358e14aeb6be79258674456e6c706defc0bf65acaa854d2897cdd8f3f83449d5274ac438e75996ee7994bafe515f3665bb8
Static task
static1
Behavioral task
behavioral1
Sample
44c2a6e2123242c6330d3788889cf5216fb71ce0ff2a4823590342e8d3a347f6.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
44c2a6e2123242c6330d3788889cf5216fb71ce0ff2a4823590342e8d3a347f6.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
fickerstealer
sdgserv29.xyz:80
Targets
-
-
Target
44c2a6e2123242c6330d3788889cf5216fb71ce0ff2a4823590342e8d3a347f6
-
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-