General

  • Target

    1dd2d3890fb72e583cee5a0e18392704

  • Size

    2.3MB

  • Sample

    231225-phm9facca7

  • MD5

    1dd2d3890fb72e583cee5a0e18392704

  • SHA1

    9ece04bbd9fc829c551c612c3f6150be8e447991

  • SHA256

    2657021520b107b21400d210ddfa5178aa6183a22cd5b56d8754e53e381be891

  • SHA512

    f76dfb1a75b55aab315498973554fbcb26634cba2a509dc34b2d555c9ab297d0391a4c40c7cded88750cce853c9ff142264561450841a5f45645a1e5116b550d

  • SSDEEP

    49152:IYnswzLWlr4W9o5YfMbMcRc/s+kobXnz/q/xnd/c/fnr/a5RZH7HAnnnnnLFz8++:bsblrFz0DAekNy/

Malware Config

Extracted

Family

fickerstealer

C2

91.211.248.143:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
