General
-
Target
aef462feef089ff65636c11a46e3eb050152c35a2239b420426f206ab69be622
-
Size
344KB
-
Sample
230129-ylsg1ada2w
-
MD5
79329781a63ea815865fb4ade911ca7a
-
SHA1
d675a3d89ad3ffce2aa6377508ee3ea4c8810b76
-
SHA256
aef462feef089ff65636c11a46e3eb050152c35a2239b420426f206ab69be622
-
SHA512
255db1840cd1a4e71b39cac8559ca277487a42f0ed71c49dbd104e1960b7e38cd24a309ee8be6a52719bc3ee8a6aa118e9a4fd1cb0b255ca5e17fdab803f9f96
-
SSDEEP
6144:PAf5Wt4vurkVbK9OZbfcZYoZDmCwIVJfVKKNqjEEmmSWpY2wg8C:PRt4GIdKYZbeJZDjfV9cmmS12w0
Static task
static1
Behavioral task
behavioral1
Sample
aef462feef089ff65636c11a46e3eb050152c35a2239b420426f206ab69be622.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
aef462feef089ff65636c11a46e3eb050152c35a2239b420426f206ab69be622.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
fickerstealer
lukkeze.club:80
Targets
-
-
Target
aef462feef089ff65636c11a46e3eb050152c35a2239b420426f206ab69be622
-
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-