General
-
Target
ca383d558c297c28c6808905b72a27d663772ffb8ef0c787c72866dc82e4e0a0
-
Size
255KB
-
Sample
220508-t9z5jaceh3
-
MD5
b3ee5ea799902a9de93c5e26231b2368
-
SHA1
f526ac7faaf1701ad92dc8d74e21fb6275715945
-
SHA256
ca383d558c297c28c6808905b72a27d663772ffb8ef0c787c72866dc82e4e0a0
-
SHA512
67b9563bb83d86efb0022b31ee3fcdb5d1f1084d88d36c01161d7d86e208ca888ca46eb32db2f704bc107dba907ecb29f6f81a984eca27b34293cc03edfce959
Static task
static1
Behavioral task
behavioral1
Sample
ca383d558c297c28c6808905b72a27d663772ffb8ef0c787c72866dc82e4e0a0.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ca383d558c297c28c6808905b72a27d663772ffb8ef0c787c72866dc82e4e0a0.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
fickerstealer
185.59.103.34:80
Targets
-
-
Target
ca383d558c297c28c6808905b72a27d663772ffb8ef0c787c72866dc82e4e0a0
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-