General
-
Target
02a07e2a25d19de8006fced52daaf0a5d179a46468755609b3a2254095342faf
-
Size
286KB
-
Sample
220528-d5dsqsbeap
-
MD5
b80869baf5276044cf97ed3170871e65
-
SHA1
31438e0c5b6d93ecc48a7c8c8bcae8d0b883da00
-
SHA256
02a07e2a25d19de8006fced52daaf0a5d179a46468755609b3a2254095342faf
-
SHA512
4c71f791a6640700e822d60fcc9d3b224c2ced41cd762aec97177916e7f77481910918ab5637f2e59592d28babd4b64ed7ed91e0945b7395b8965185bc48cf12
Malware Config
Extracted
fickerstealer
lukkeze.space:80
Targets
-
-
Target
02a07e2a25d19de8006fced52daaf0a5d179a46468755609b3a2254095342faf
-
Size
286KB
-
MD5
b80869baf5276044cf97ed3170871e65
-
SHA1
31438e0c5b6d93ecc48a7c8c8bcae8d0b883da00
-
SHA256
02a07e2a25d19de8006fced52daaf0a5d179a46468755609b3a2254095342faf
-
SHA512
4c71f791a6640700e822d60fcc9d3b224c2ced41cd762aec97177916e7f77481910918ab5637f2e59592d28babd4b64ed7ed91e0945b7395b8965185bc48cf12
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-