fickerstealer | 5cb17f38814b487c149eb85a8c5c93af3ffef69fa1dedf48b5df229ce5dd4c53

Analysis

max time kernel
146s
max time network
152s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
21-03-2023 13:28

Target

ca47ef826dd05e2b640dd799c6381c1606df996da5f4e8a0c66f785eacc558a8.exe
Size

391KB
MD5

35f5954ec7dcb7b68924afeeaf9be3d1
SHA1

1ba3d62afaf21e8f6aa7ae0cb0fc24c94c102f05
SHA256

ca47ef826dd05e2b640dd799c6381c1606df996da5f4e8a0c66f785eacc558a8
SHA512

92ab0903a919d1dd769c622393e5a2a5d56c78987c86f943a19b0e5dd200b5063d86e4e79dc0f209e095bf19fd44453c418a18b4f37bcc3eb2d58cc905457ec9
SSDEEP

6144:cW3mkqlxrNBKiU6893YBwq3xj4/XjT7d6srMQW+bXvd0GsuFC1OlbPVdWnKfX:Lmk8TZUloBPsPj4KN/d0ouh

Score

10^/10

Family

fickerstealer

blogsme.link:8080

Fickerstealer
Ficker is an infostealer written in Rust and ASM.
infostealer fickerstealer

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

Processes:

flow	ioc
3	api.ipify.org

C:\Users\Admin\AppData\Local\Temp\ca47ef826dd05e2b640dd799c6381c1606df996da5f4e8a0c66f785eacc558a8.exe
"C:\Users\Admin\AppData\Local\Temp\ca47ef826dd05e2b640dd799c6381c1606df996da5f4e8a0c66f785eacc558a8.exe"
1⤵
PID:1992

C:\ProgramData\fasfvv.txt

Filesize
12B

MD5
71d587e911373f62d72a158eceb6e0e7

SHA1
68d81a1a4fb19c609288a94f10d1bbb92d972a68

SHA256
acce61361a3dee677653fa2909f29530202335835c71031ba4dff50682ae5de8

SHA512
a0010c487c8b1eeae82ae82896bf5f48b7ec5573197bbe149b6803093a32b3b470ef0b122278e404cd5df296376bb0629438609997d52c14757ff1c3e6756060

Download Submit
memory/1992-59-0x0000000000400000-0x0000000000468000-memory.dmp

Filesize
416KB

Download