General
-
Target
2dc65e914b35b462126d324363667c820894ffed94668148ddc920737f5f3eeb
-
Size
365KB
-
Sample
220708-vtrznabgbn
-
MD5
d1bc13aaf11591fc62884ba865310b81
-
SHA1
d65938ce221f165544ea3ffa3995c81e6b123c34
-
SHA256
2dc65e914b35b462126d324363667c820894ffed94668148ddc920737f5f3eeb
-
SHA512
ddab81a94deaf5371682f0b7fc253a48eea1c41a800eff1567a72805df6875d2bb45b2926fffb69c3585d06d0c21ae2402cf0bc826d014932fc2589d815c4df8
Malware Config
Extracted
fickerstealer
86.106.181.99:80
Targets
-
-
Target
2dc65e914b35b462126d324363667c820894ffed94668148ddc920737f5f3eeb
-
Size
365KB
-
MD5
d1bc13aaf11591fc62884ba865310b81
-
SHA1
d65938ce221f165544ea3ffa3995c81e6b123c34
-
SHA256
2dc65e914b35b462126d324363667c820894ffed94668148ddc920737f5f3eeb
-
SHA512
ddab81a94deaf5371682f0b7fc253a48eea1c41a800eff1567a72805df6875d2bb45b2926fffb69c3585d06d0c21ae2402cf0bc826d014932fc2589d815c4df8
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-