fickerstealer | ac73c59c91cfb03d8508d14e7f1a1ff390e69788fbeacfee16b17b9e102ce1a6 | Triage

Sharing

General

Target

Setup.exe
Size

1.9MB
Sample

230401-28x8jsdc95
MD5

5c26d865ebc77c13581432d81cf4b20e
SHA1

0867a90d187f9bdec6fd76d0b5916a6ea67d2407
SHA256

ac73c59c91cfb03d8508d14e7f1a1ff390e69788fbeacfee16b17b9e102ce1a6
SHA512

72219c33c217255ac6c933a71764fa7352f4383278f008312f1a7d2e242f05defccf191b581bc0d61dec9fd9b21a5e6b5cf817f307b75d57d1c02e95ff7cb54c
SSDEEP

49152:EWMn2d/BRoXdCtEnSVw0cwonfMOY7REYr4nN:EWQcefSROYNJr4

Score

10^/10

fickerstealer infostealer persistence spyware stealer

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  1.9MB
- MD5
  
  5c26d865ebc77c13581432d81cf4b20e
- SHA1
  
  0867a90d187f9bdec6fd76d0b5916a6ea67d2407
- SHA256
  
  ac73c59c91cfb03d8508d14e7f1a1ff390e69788fbeacfee16b17b9e102ce1a6
- SHA512
  
  72219c33c217255ac6c933a71764fa7352f4383278f008312f1a7d2e242f05defccf191b581bc0d61dec9fd9b21a5e6b5cf817f307b75d57d1c02e95ff7cb54c
- SSDEEP
  
  49152:EWMn2d/BRoXdCtEnSVw0cwonfMOY7REYr4nN:EWQcefSROYNJr4
Score

10^/10

fickerstealer infostealer persistence spyware stealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fickerstealerinfostealerpersistencespywarestealer

behavioral2

fickerstealerinfostealerspywarestealer