fickerstealer | 29e7ddf3f1b318f33dd3c64c4151d64fa9bb001ac396866bed083e1be9927888 | Triage

Sharing

General

Target

1080p.BluRay.x264.AAC5.1-[YTS-MX].Subtitles.Bitrate.7300KB.Samplerate.48.0kHz.zip
Size

2.1MB
Sample

230115-17gczadb22
MD5

4fb42e0cf00d5f6c379fcac291162eaf
SHA1

41674ed470db75332476663e30860791c22d0904
SHA256

29e7ddf3f1b318f33dd3c64c4151d64fa9bb001ac396866bed083e1be9927888
SHA512

527fb4560ed2d8643475ee38d9e2b7aa7bd55fe66000046e7a161dcf8edfe151eddeccf0beba25d70aa92aec1cd4b4b964887bccc5c27b7798e010a9db8deb14
SSDEEP

24576:P1neQk5Zd9jbGEcXqAaEOfSqaodYU0vIKVHslJ:heQ+ZdxBcXqAa/frYTwKVM3

Score

10^/10

fickerstealer infostealer spyware stealer

Malware Config

Extracted

Family

fickerstealer

C2

91.240.118.51:80

Targets

- Target
  
  1080p.BluRay.x264.AAC5.1-[YTS-MX].Subtitles.Bitrate.7300KB.Samplerate.48.0kHz.exe
- Size
  
  1024.0MB
- MD5
  
  0ebaca7442013da31b482cf82aec6c65
- SHA1
  
  2ad19605f72d493a97455b2eb3f8e1bd9d9e8c43
- SHA256
  
  0bbcf8c97c96601be76031955e2feefaddf967e8b027ca4f473461242dbabcdc
- SHA512
  
  94aa9beab56574193e6f7c578bf7bd0f2e7056f678e4468b6f9be8d62860374bffbd7473c1d8b8f54ee701a4453934f1f5385c74125440f8ce8edcff144b0607
- SSDEEP
  
  24576:wpg4R5XpJPEyCAXJGuHluyJZcOt7dyhxmX:wpB54o7HxCZ0
Score

10^/10

fickerstealer infostealer spyware stealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fickerstealerinfostealerspywarestealer