Extracted

• • Target

    3721f9d79d516bd3a1d702d080188e0474a965d66677e1645bce6bc318e238ac.exe

  • Size

    468KB

  • MD5

    8c4eed6cc282b95bf2f9111ec302b0ad

  • SHA1

    f35fb25553e275650ffed48d3c14928ab0672c1c

  • SHA256

    3721f9d79d516bd3a1d702d080188e0474a965d66677e1645bce6bc318e238ac

  • SHA512

    934d674a2b09ac2554bbfdbd4300403937a294a0eddd1e6edc3acde51644b848effeea7416b0b5c1b162df8384938700543ef0fbc1a21a9e546b647a35a5dfe5

  • SSDEEP

    12288:hXmr/ivI/koLcGnrovCNpdE9fA8XaW0rN3:hXmCA/rovWw9ff63

  Score

  10^/10

  fickerstealerinfostealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2