General

  • Target

    1080p.BluRay.x264.AAC5.1-[YTS-MX].Subtitles.Bitrate.7300KB.Samplerate.48.0kHz.zip

  • Size

    2.1MB

  • Sample

    230115-17gczadb22

  • MD5

    4fb42e0cf00d5f6c379fcac291162eaf

  • SHA1

    41674ed470db75332476663e30860791c22d0904

  • SHA256

    29e7ddf3f1b318f33dd3c64c4151d64fa9bb001ac396866bed083e1be9927888

  • SHA512

    527fb4560ed2d8643475ee38d9e2b7aa7bd55fe66000046e7a161dcf8edfe151eddeccf0beba25d70aa92aec1cd4b4b964887bccc5c27b7798e010a9db8deb14

  • SSDEEP

    24576:P1neQk5Zd9jbGEcXqAaEOfSqaodYU0vIKVHslJ:heQ+ZdxBcXqAa/frYTwKVM3

Malware Config

Extracted

  • Family

    fickerstealer

  • C2

    91.240.118.51:80

Targets

    • Target

      1080p.BluRay.x264.AAC5.1-[YTS-MX].Subtitles.Bitrate.7300KB.Samplerate.48.0kHz.exe

    • Size

      1024.0MB

    • MD5

      0ebaca7442013da31b482cf82aec6c65

    • SHA1

      2ad19605f72d493a97455b2eb3f8e1bd9d9e8c43

    • SHA256

      0bbcf8c97c96601be76031955e2feefaddf967e8b027ca4f473461242dbabcdc

    • SHA512

      94aa9beab56574193e6f7c578bf7bd0f2e7056f678e4468b6f9be8d62860374bffbd7473c1d8b8f54ee701a4453934f1f5385c74125440f8ce8edcff144b0607

    • SSDEEP

      24576:wpg4R5XpJPEyCAXJGuHluyJZcOt7dyhxmX:wpB54o7HxCZ0

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
