General

  • Target

    19d2d1ecaa693fb74b39ac3f3a049f335dafba5d5669b921aab1a2c486ec77df

  • Size

    1.1MB

  • Sample

    230119-vp6l9agf69

  • MD5

    863693e30254434532cd8a493f632565

  • SHA1

    f54dbac3ae13df6f842baf253b6e80b0c0a8b47a

  • SHA256

    19d2d1ecaa693fb74b39ac3f3a049f335dafba5d5669b921aab1a2c486ec77df

  • SHA512

    024f5be15c520b4f813b0f7509183666875e2fe6a5aac0e291f663b33e0f8c7c4a64f057278201de84af7aae6085edb54fb98e30890f8136a84d7afb5e02670b

  • SSDEEP

    12288:I5dMOMt/9NH/eNYmItwRHAR315ycgVkIHG9scLKt97NXTPTFyPPeIETaq:4VYLHY0tMgyJZcOt7dyh

Malware Config

Extracted

Family

fickerstealer

C2

91.240.118.51:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6