General
-
Target
d4310e308bf2485379ae0e77aebea5c7e102059679c46cc6e0f2839204595573
-
Size
339KB
-
Sample
220630-3gp9ascccj
-
MD5
de7ff305608959256b33926403b6d934
-
SHA1
cdd7a11a5f8bcd7b90af6f8f3b3c0cb566e06bd8
-
SHA256
d4310e308bf2485379ae0e77aebea5c7e102059679c46cc6e0f2839204595573
-
SHA512
70d3c5d8928bc1a5580b189344d6b457f05a0cd1c84a8fa9e271b4c7a14869078c45475bf6c5e826a50ba16d8016c2ca5b565d95ed239ef083dbae0690270bbc
Malware Config
Extracted
fickerstealer
93.114.128.19:80
Targets
-
-
Target
d4310e308bf2485379ae0e77aebea5c7e102059679c46cc6e0f2839204595573
-
Size
339KB
-
MD5
de7ff305608959256b33926403b6d934
-
SHA1
cdd7a11a5f8bcd7b90af6f8f3b3c0cb566e06bd8
-
SHA256
d4310e308bf2485379ae0e77aebea5c7e102059679c46cc6e0f2839204595573
-
SHA512
70d3c5d8928bc1a5580b189344d6b457f05a0cd1c84a8fa9e271b4c7a14869078c45475bf6c5e826a50ba16d8016c2ca5b565d95ed239ef083dbae0690270bbc
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-