Overview

overview

10

Static

static

10

58d1e77770...c3.exe

windows7-x64

10

58d1e77770...c3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    58d1e777704216e668537c6db64d0178d44071736ed966eb3fc88bc05e6840c3.zip

  • Size

    201KB

  • Sample

    230321-qq6w7acf6x

  • MD5

    53c86f7c343abdcd0a4908386941a88e

  • SHA1

    c24f2d836d5f59bd8e490d1e189625ff6f86d8e9

  • SHA256

    f5f542f8ee99e8d6fd8273cbd8142f5a5d6a1076b25cd6157b12274b81f333da

  • SHA512

    8d0e17c62381277afb15d2309a64e9c68e86bc6f0ecc970c35c3be8d02bb046f1e0804fa57adda9b759d6ead3418aac80afaf6798835ef28d8e2f3aab47240d0

  • SSDEEP

    3072:YmgovmThPArBlUyHiGfCILAP5a5z4Bf0XlJci8rYI4EetmPX9rCKcmuw1HpDH5/W:dg0LHBCezz5X8oFmv9Rb1HdZ1EDwJ4

Score
10/10
fickerstealerinfostealer

Malware Config

Extracted

Family

fickerstealer

C2

blogsme.link:8080

Targets

    • Target

      58d1e777704216e668537c6db64d0178d44071736ed966eb3fc88bc05e6840c3.exe

    • Size

      391KB

    • MD5

      42281d49da52812c4cd33228af087eaf

    • SHA1

      7779d21fc9d1ea46dc643dfd45fa32ba4f54e6e2

    • SHA256

      58d1e777704216e668537c6db64d0178d44071736ed966eb3fc88bc05e6840c3

    • SHA512

      5bdc8c9f4056a8ba7fd6a03f438e871cec4ded79f1d8886e40b44904626de204341b50b76024309e6d4354fa62d20b2d3e9c0df398013bf20c2808f73c3b65e5

    • SSDEEP

      6144:cW3mkqlxrNBKiU6893YBwq3xj4/XjT7d6srMQW+bXvd0GsuFC1OlbTVdWnKfX:Lmk8TZUloBPsPj4KN/d0ouN

    Score
    10/10
    fickerstealerinfostealer

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

      infostealerfickerstealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks