Extracted

• • Target

    78dce934e15d7dd8be0038d350f32d1d02128b560fb328f954ce44b7fead353e.exe

  • Size

    470KB

  • MD5

    9fdeed473f923e282c4394ff58191cbc

  • SHA1

    2ba8aafc4717afd8d374448b2193adba7a3d3f11

  • SHA256

    78dce934e15d7dd8be0038d350f32d1d02128b560fb328f954ce44b7fead353e

  • SHA512

    f25a915edb13ab797dcb128050b24aa1da90a0531d7d5d2a482e2c7ad74b2dc9792fdf1db4e75fa474e266718a3cdc47468ad6422c54d9498fce588a3d9ddb95

  • SSDEEP

    6144:i+0ZycPjPPztWO/9adNDF5AJxbjYfC1lAAJB/L1XaW0rLFb56dpLN4XQKJ3:QycPzPztWuad5ebj09AnxXaW0rN3

  Score

  10^/10

  fickerstealerinfostealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2