General
-
Target
2a0148060e7ca6aed741389a11ee81bc2f1d4bca6d307d96edfc321f6f49a157
-
Size
283KB
-
Sample
220615-h5cmwsfbg6
-
MD5
1d6a3da46592bba040504ed04b38f49d
-
SHA1
03608dd8c7862ff76914b61b566569da270b3fad
-
SHA256
2a0148060e7ca6aed741389a11ee81bc2f1d4bca6d307d96edfc321f6f49a157
-
SHA512
a6d3d84aee5dee533c32a946e984b92724de5bf4023676954dabfb39eee9eff97016b8694b7c3ad7986dffb3c296a89fb2de62138f7ec3cb1b548f0bfaebd12d
Static task
static1
Behavioral task
behavioral1
Sample
2a0148060e7ca6aed741389a11ee81bc2f1d4bca6d307d96edfc321f6f49a157.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2a0148060e7ca6aed741389a11ee81bc2f1d4bca6d307d96edfc321f6f49a157.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
fickerstealer
lukkeze.space:80
Targets
-
-
Target
2a0148060e7ca6aed741389a11ee81bc2f1d4bca6d307d96edfc321f6f49a157
-
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-