General
Target: 5c1927604741cf72d7dbb6d30bbc679c
Size: 489KB
Sample: 231226-h55nnsbcbj
MD5: 5c1927604741cf72d7dbb6d30bbc679c
SHA1: 30a181f2728629f066ae90a57af2c0f601910e7d
SHA256: 52678f24464744be422832621e5fb313fd0fe92b1499128c66c925e4e67fa07e
SHA512: 281b3e4b6de4e37ae4213a22efe3fa4926d5a8a6604888b1251f0e1dcaf5f0f5ac3da7d1291ee955e51a40afc18eaf48f88cdbeede3a86d52257faaa43c4e9d3
SSDEEP: 12288:EjWRgnD0fsc191vpMN8+N1YcTlMW0rwrsu:EQgn4Lv2N1YYh3
Static task: static1
Behavioral task: behavioral1
Sample: 5c1927604741cf72d7dbb6d30bbc679c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 5c1927604741cf72d7dbb6d30bbc679c.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
Target: 5c1927604741cf72d7dbb6d30bbc679c
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext