General
-
Target
c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
-
Size
297KB
-
Sample
230129-ylqy6sda2v
-
MD5
6e8736b900bc276dad7b345f39ce93c5
-
SHA1
24698881123d915b5cca7d3843b1df9146ffed3d
-
SHA256
c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
-
SHA512
5e7e458ab959a007cd2a4864d3f24c0c96bfe8ceac94cdbad891bb7813e4c5b5aa551a0ea27f5f6dcf24d7d470afdb60d7103b1d3f55a996247185bf2a152ea6
-
SSDEEP
6144:Qu5F6jEpOLFCySFot9rUXtRlEsMVYP6+/W4uYpybBCpFnnCbsIN0:f5F6jEpOZCxFH9EFGJe4pm8Iq
Malware Config
Extracted
fickerstealer
deniedfight.com:80
Targets
-
-
Target
c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
-
Size
297KB
-
MD5
6e8736b900bc276dad7b345f39ce93c5
-
SHA1
24698881123d915b5cca7d3843b1df9146ffed3d
-
SHA256
c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
-
SHA512
5e7e458ab959a007cd2a4864d3f24c0c96bfe8ceac94cdbad891bb7813e4c5b5aa551a0ea27f5f6dcf24d7d470afdb60d7103b1d3f55a996247185bf2a152ea6
-
SSDEEP
6144:Qu5F6jEpOLFCySFot9rUXtRlEsMVYP6+/W4uYpybBCpFnnCbsIN0:f5F6jEpOZCxFH9EFGJe4pm8Iq
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-