General
-
Target
1e44027a981c225935e9ce3beb4e78b58ac11748a136e1a5ebc508d0ac2710dd
-
Size
369KB
-
Sample
220508-t91q3affdm
-
MD5
77afc6e56924e1a39fc7346631b1bcc0
-
SHA1
cf0a7c9611f12d83ee1dc0f3c4b363f879e0c6c6
-
SHA256
1e44027a981c225935e9ce3beb4e78b58ac11748a136e1a5ebc508d0ac2710dd
-
SHA512
7eddb3fbd29b7fd6672ed1a41602cbdae71c24c4f8a0237e2279a0eaee8e9ed141e3a90a50029bddd69f1a49e787b3f19e10cd84ad7d2fcdbedbef8e12d01d57
Static task
static1
Behavioral task
behavioral1
Sample
1e44027a981c225935e9ce3beb4e78b58ac11748a136e1a5ebc508d0ac2710dd.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1e44027a981c225935e9ce3beb4e78b58ac11748a136e1a5ebc508d0ac2710dd.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
fickerstealer
185.59.103.74:80
Targets
-
-
Target
1e44027a981c225935e9ce3beb4e78b58ac11748a136e1a5ebc508d0ac2710dd
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-