General

  • Target

    d6a975b058cbdbf7f0511a2a6d77911bcb413cb622625f2742a8531889d1760b.zip

  • Size

    295KB

  • Sample

    221114-lqhr5sbf4t

  • MD5

    e3376205fd6f5597dd7acb4d234d0fa9

  • SHA1

    0d51d86b2e43335e55e12186620dd9e52d3b467d

  • SHA256

    620024e4656848fdc255c1dcf89a5ebb448b456f28d65d967acc34bca1e0cbb5

  • SHA512

    fbfdfe3702afc9d707ed3dd9bda610b2f06be9f208655831896590e7aa751a8dda16b8a2a5d1484c8990a1fc6a9f785cb67eaee351066b8ab1129556cb16e0fa

  • SSDEEP

    6144:9Xkxz8K8njS1SrAXGUamxIVnJWjWRgX+ZyCjAxfBl5wkZhlvF+dy:+t8K8FrAXa9ijDCMxpl5wGFSy

Malware Config

Extracted

Family

fickerstealer

C2

game2030.space:80

Targets

    • Target

      d6a975b058cbdbf7f0511a2a6d77911bcb413cb622625f2742a8531889d1760b.exe

    • Size

      565KB

    • MD5

      5dac23376502cf57b537b51a3b3c2a44

    • SHA1

      47188fa2280b1cd3a6796145dd3f901e364f9ac2

    • SHA256

      d6a975b058cbdbf7f0511a2a6d77911bcb413cb622625f2742a8531889d1760b

    • SHA512

      887db2c456ef44a76dbe66a5862d95300970813fc5cb24e842839c5ee40c1c2df7c3a78b85c11359fb9bc8ef669ee7e5085f8568077cb028b9227b08f6778274

    • SSDEEP

      6144:ODLYQxgtQaFkCLXBIA8VLJo5k4tt0hr7ITsq0L3kGW0rLCb56dpLN4XQKJ3:EsQxgtZFXBIAugH0177bkGW0ra3

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state, including its instruction pointer; malware commonly calls it on a suspended process to redirect execution into injected code (process hollowing). The report flags the call only; it does not identify the target process.
