General
-
Target
0462b2c5b2f0efb79d2681f5ad62508d
-
Size
491KB
-
Sample
231224-s931rahfh3
-
MD5
0462b2c5b2f0efb79d2681f5ad62508d
-
SHA1
a5b90879122c8e6fd64c4e08eed8bdd78058f3ac
-
SHA256
43f3454b59d1da36302b70fba810f63c4e561915bb81032c123d9bdcfceff0b8
-
SHA512
776c892ce0581adda2c222d5412c97357a395ada5f428c064dafa527652fc3f5ae780e0141aeb77c3c816d03205225b47212074d75074fe33577ae746eab8224
-
SSDEEP
12288:D4vtPhTFQMeEcTNO8nN+2BvJBAoUOEVr6LMW0rwrsu:clhKMSJN+2pDAoUP2Lh3
Static task
static1
Behavioral task
behavioral1
Sample
0462b2c5b2f0efb79d2681f5ad62508d.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0462b2c5b2f0efb79d2681f5ad62508d.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
-
-
Target
0462b2c5b2f0efb79d2681f5ad62508d
-
Size
491KB
-
MD5
0462b2c5b2f0efb79d2681f5ad62508d
-
SHA1
a5b90879122c8e6fd64c4e08eed8bdd78058f3ac
-
SHA256
43f3454b59d1da36302b70fba810f63c4e561915bb81032c123d9bdcfceff0b8
-
SHA512
776c892ce0581adda2c222d5412c97357a395ada5f428c064dafa527652fc3f5ae780e0141aeb77c3c816d03205225b47212074d75074fe33577ae746eab8224
-
SSDEEP
12288:D4vtPhTFQMeEcTNO8nN+2BvJBAoUOEVr6LMW0rwrsu:clhKMSJN+2pDAoUP2Lh3
Score10/10-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-