General
Target: 0ecce4332bd67641396914bfac058814
Size: 523KB
Sample: 231230-fawfeaehdp
MD5: 0ecce4332bd67641396914bfac058814
SHA1: 1894459cbceb22a909af65f53959381852e9e73c
SHA256: 930eb422bd8e5011f1b155761590cf43772cbeba83292d27f886625fb336dd62
SHA512: cc1f57bf4f03ca838678077e4a0f4cd05bd8b41ae1c8678d1fbda70b274a7d2482efde6479b354363d97fd12fc12e1bf5f0406adf1d53739a069f21d4a91b855
SSDEEP: 6144:Co1IJHH1vI8c0/AM7KfVxCbrPCeqc2WOTFWV5Uc0anL+cThKzpMW0rLAb56dpLNU:tIlH1vIB0z7WVwkFDi+cTopMW0rwrsu
Static task
static1
Behavioral task
behavioral1
Sample
0ecce4332bd67641396914bfac058814.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0ecce4332bd67641396914bfac058814.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
-
-
Target
0ecce4332bd67641396914bfac058814
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext