General

  • Target

    1e6666100c72fac437bfebd67672844a

  • Size

    570KB

  • Sample

    231225-pnv68sdcb2

  • MD5

    1e6666100c72fac437bfebd67672844a

  • SHA1

    cae5be67b0fde097e041520bb5ec51980dc7df68

  • SHA256

    067cab9c4123e51af9d20ae94bb59c21b207fc45a106046470c2b2d5283cf15e

  • SHA512

    21c23eea9f3a82e627eb6ce7680d24e49eab413139b571848a84a58e47d6e15b1c054e588c22b92e7eabf273e25a567efc367bca80f2192bf977c9b3451ba38c

  • SSDEEP

    12288:9UiUE+VmwCIeTxmHRzHVgybaUqTMW0rwrsu:J+Vmw9HZ1g41qTh3

Malware Config

Extracted

  • Family

    fickerstealer

  • C2

    80.87.192.115:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext