General
-
Target
e94bfd09dc3b73fa96c284fd08d351197b2e6a7b4f2a4d051c76d7f77539639c
-
Size
2.6MB
-
Sample
221023-ckzzssfher
-
MD5
5596e6b3cac3574bd957b86c8250773a
-
SHA1
298016941cfa7095a19fc274137dc0f7dbed2a7a
-
SHA256
e94bfd09dc3b73fa96c284fd08d351197b2e6a7b4f2a4d051c76d7f77539639c
-
SHA512
78dfdc615f3239e655d63e310f6778831a5b384eb28e67099d12aa5a433b79a9a75754cca38f4a1838126b64a8d4aa2af0d482d34ea0b2b89cad91e2f0290870
-
SSDEEP
49152:5vJeIiv6Lcj0hB/8qyTO4LMJDdhK27BYV:5vJ5ivIS0hBDyK4LMJrbY
Malware Config
Targets
-
-
Target
e94bfd09dc3b73fa96c284fd08d351197b2e6a7b4f2a4d051c76d7f77539639c
-
Size
2.6MB
-
MD5
5596e6b3cac3574bd957b86c8250773a
-
SHA1
298016941cfa7095a19fc274137dc0f7dbed2a7a
-
SHA256
e94bfd09dc3b73fa96c284fd08d351197b2e6a7b4f2a4d051c76d7f77539639c
-
SHA512
78dfdc615f3239e655d63e310f6778831a5b384eb28e67099d12aa5a433b79a9a75754cca38f4a1838126b64a8d4aa2af0d482d34ea0b2b89cad91e2f0290870
-
SSDEEP
49152:5vJeIiv6Lcj0hB/8qyTO4LMJDdhK27BYV:5vJ5ivIS0hBDyK4LMJrbY
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-