fickerstealer | e2dde7ebde734507d0ae23e37404faab5880655715b452b947ee37b0818be259 | Triage

Sharing

General

Target

3e455eb86a62a185bb0c5446df337d6823c71b743f7ee16d3e2ee643c476d822.zip
Size

357KB
Sample

221130-jvdymsbe35
MD5

32d0a011795d04c93b0bcd4214e2a448
SHA1

346324a9a82ddaa57dca2b44c0663b4918d04803
SHA256

e2dde7ebde734507d0ae23e37404faab5880655715b452b947ee37b0818be259
SHA512

358267f2ce5f0d08bd13b9cddae5e94dc7287720472df9b05a5d1b8248154f08ec2ec1eeaf72922b3a3940de4472c4f5c3c342736ea1ecb8cf04066ff44db846
SSDEEP

6144:Mpbnt025MXzidWJIWGaOnnkrHNtbczVQlzB8CgKmJvOSe4eI/nFNq5N8G27zJxDA:Mpbt0CMXqeXvOn4jcKGrXWGFa6NJxc

Score

10^/10

fickerstealer infostealer

Malware Config

Extracted

Family

fickerstealer

C2

alogsme.link:8080

Targets

- Target
  
  3e455eb86a62a185bb0c5446df337d6823c71b743f7ee16d3e2ee643c476d822.exe
- Size
  
  470KB
- MD5
  
  17098ec6304ab82894d4921a319e26f4
- SHA1
  
  f46f62d4e0d066fae37e24b7afb24fbeab704205
- SHA256
  
  3e455eb86a62a185bb0c5446df337d6823c71b743f7ee16d3e2ee643c476d822
- SHA512
  
  34bb005574a357e4d1e91b6dcec22f9c98d7b3c4a47e463a47d2708e8a43ee996c8f71de74bacb337b27ba1e18f5fd94927cef3317381adefba8e6e50ee9a1f9
- SSDEEP
  
  12288:Fn1jdB0YqAxghPO6X0NYOZvpiUDr+dIFTy9gT6Y:Fn1jIYDIPjkGOmUDr+KFTy9gT6Y
Score

10^/10

fickerstealer infostealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

fickerstealerinfostealer

behavioral2

fickerstealerinfostealer