Overview

overview

10

Static

static

8a29bcbf03...7e.exe

windows7-x64

10

8a29bcbf03...7e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a29bcbf03060ef20fc961aa70d4befcad90449cf6c957d758dbbd0fb78af57e.zip

  • Size

    286KB

  • Sample

    221114-lql5kage52

  • MD5

    e5319656d3476ac2b8d4ea554e8f5b0e

  • SHA1

    33a39c9d7240ae88ce1ae74a6ff0aa57d15bde45

  • SHA256

    492852ffd931b1b89f70085664ceaca1e4e5af92a78e491bcdc068f9865a1a27

  • SHA512

    940aaf611b646354951235ba2f1ff7888d3c07ef5b90d194ee32d4c8f89491216d1c9d7edc86beb65053ec5e9dd279a3b30d7593204181a9aaf1b0e3829f820b

  • SSDEEP

    6144:WH06PP3nMdtq+SvWzaiXAXhzWV5tCNUtQvrXPjbm6UjCO6p:jGP3M6LW9XYKnkbbih6p

Score
10/10
fickerstealerinfostealer

Malware Config

Extracted

Family

fickerstealer

C2

asfasfvcxvdbs.com:80

Targets

    • Target

      8a29bcbf03060ef20fc961aa70d4befcad90449cf6c957d758dbbd0fb78af57e.exe

    • Size

      504KB

    • MD5

      0a64aeba3831090941ec8bdc233b8f5f

    • SHA1

      714d910aee7b092440552922c00c07149963e99b

    • SHA256

      8a29bcbf03060ef20fc961aa70d4befcad90449cf6c957d758dbbd0fb78af57e

    • SHA512

      fa1e38cbbfe3a281ed6fc43e8c541b64042ed0037879dd9b3a870e38c4cd4f425906003fa704a613ebeb9523cea8e59df800c39ded6bb954e93eccccb3fdf793

    • SSDEEP

      6144:p/VPiKpzTdVJgQ0YkCUfc9h0RPsjyOs9d/MIXmzVKLzmmXAqXaW0rLFb56dpLN47:XHJTLidCr9hOPuJwZORKnm8AqXaW0rN3

    Score
    10/10
    fickerstealerinfostealer

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

      infostealerfickerstealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks