Extracted

• • Target

    library_1.exe

  • Size

    374KB

  • MD5

    bb1ddf3a21b160dd2ba87e1b82c0b727

  • SHA1

    b14b195773cf7360780a7fba26854ba95ea416c9

  • SHA256

    65a4c2501e7884a5bd10cf9a294db4c1cb4d7d7866b07b53c652f0a796fa9b74

  • SHA512

    a8dfe9e34fae5b7ab8475c1f8407d02610e7df89ed23bf539bdff9010412c773117581876526638a1a5beba2f9a1526167f85ae428d3fbf858ead96868dfe423

  • SSDEEP

    6144:3V2KL9aMet38WfEuNK7cGs4TW1zlUQJPp6ZjIly6TcjzoRtleclBI/1:3V5BaM10zNKLFWjUuUEDUzmjM/1

  Score

  10^/10

  fickerstealerdiscoveryinfostealerspywarestealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2