Extracted

• • Target

    3fb6dc0a224d2f078b3d612418164610b6d75a443feaf3d86c05ed450d0dfb6e

  • Size

    318KB

  • MD5

    8852c3aa866b43ac160985259a936909

  • SHA1

    07224a27906830ccfc639fc40f22b70c42f474f5

  • SHA256

    3fb6dc0a224d2f078b3d612418164610b6d75a443feaf3d86c05ed450d0dfb6e

  • SHA512

    6680d0c67dd1f01464bb75e55cd13bdab9f6ec25e8651713b18b0a480ac518d702d4dd056fbf04c2906599a509692b1d9e4ec2d5d299d7301d82ad8f8d9d1ef9

  • SSDEEP

    6144:Q7LVMEVRcd8F0CEWFCOgysfF1OOjOMPi2SZhqZ2NBxu27hRRJb:O5MEVRK+0C3COPQhjOMPiBAZsBxD7/Rh

  Score

  10^/10

  fickerstealerinfostealerspywarestealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2