Extracted

• • Target

    5479eb1689d8a881fc4dcbf71d6c3d3790a13e9f7f0c5301ce7b640bc3a28d61

  • Size

    339KB

  • MD5

    3cc0c16920f6511314974d054b3d1ae6

  • SHA1

    b7f26817011ed9623e9ddec1ac98dc9ee5885b6d

  • SHA256

    5479eb1689d8a881fc4dcbf71d6c3d3790a13e9f7f0c5301ce7b640bc3a28d61

  • SHA512

    7b481182709eb32dd049a5ff2891ff6287a1ab3fea73cf8a13edef99913ef7dcdb813c2a01202136b370d344fbcd4ab3ba3662ee78dfb5442a2b6ad5d2a8e9fa

  Score

  10^/10

  fickerstealerinfostealerupx

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2