Overview

overview

10

Static

static

3a74357c64...b5.exe

windows7-x64

10

3a74357c64...b5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a74357c64f3db596be5ed271a97d87dfe9cc919d96d524cc86e3cba786991b5.zip

  • Size

    344KB

  • Sample

    221121-nagk9abf5x

  • MD5

    3c68f05093521fa954f3a50a3b14967d

  • SHA1

    62c33b0e599de025217768c3da11e475459c277b

  • SHA256

    a1fd9c45dba8a2773427c9268e88586402f2a73da4c5d90e843417c891c37180

  • SHA512

    d644a67da7beb954ee269abb98132d62d0c4008a677679b050d8a1bc8f9ed65eb116e4af14d2fc9215b331b52a860ec2198469506aba58a410fcccd3fc1677df

  • SSDEEP

    6144:7zjCF3sTltyS54EDp+k4RU8M120EIYcoa7BZJ+Ksw3wuvsb5Emb/rK:7Ayl1dgkyUssoo/3wuu5xbTK

Score
10/10
fickerstealerinfostealer

Malware Config

Extracted

Family

fickerstealer

C2

fickitd.link:8080

Targets

    • Target

      3a74357c64f3db596be5ed271a97d87dfe9cc919d96d524cc86e3cba786991b5.exe

    • Size

      450KB

    • MD5

      1f2d5f5d0d9e2b1f1c2578fa486b5d9a

    • SHA1

      66c1aad77ab3a225a364ea4968cde3ee036a3273

    • SHA256

      3a74357c64f3db596be5ed271a97d87dfe9cc919d96d524cc86e3cba786991b5

    • SHA512

      967de776b452c9828aacfcb12f8e743fa406e68a8fe55b0e3b3ef5387a7b39c68db82503c82f9e182a61eba0ee19e255f0bc3eb22e672f70765513f275a62583

    • SSDEEP

      12288:Hdl8dX+FMUc2+Z6i3/VmUxpoex4PUunUv4:HdiXWxR+Z6i3/V9N4zW4

    Score
    10/10
    fickerstealerinfostealer

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

      infostealerfickerstealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks