General
Target: 76d7f252e4ee38accd3622709f8c522d
Size: 580KB
Sample: 231226-r7bm2shagq
MD5: 76d7f252e4ee38accd3622709f8c522d
SHA1: d2a4f442dc12098183c95ba2a0a4a84c7ef7afae
SHA256: ae02b8a195f1469f4c43c36b67a0a553842fc3b455ee878e13ee5d642a0e8c24
SHA512: f9e4a7b5a2c4e9fab9b9e1b7738ea1dc90b8c70e1d8886f27935919b647ff665dd9ed4c82339f1cf8cf5ddd7c1266b55db77f32f61335da1ddb851ac46f661ac
SSDEEP: 12288:IdJ9Zq5P4jsJ1vA95b8QcR4s5fPR2ZwiZ5GMW0rwrsu:Oq5P4jsJUMR46PR6wi+h3
Static task: static1
Behavioral task: behavioral1
Sample: 76d7f252e4ee38accd3622709f8c522d.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 76d7f252e4ee38accd3622709f8c522d.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
Target: 76d7f252e4ee38accd3622709f8c522d
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext