General

  • Target

    0fd7de5367376231a788872005d7ed4f

  • Size

    536KB

  • Sample

    231230-fz515sfcf3

  • MD5

    0fd7de5367376231a788872005d7ed4f

  • SHA1

    658e4d5efb8b14661967be2183cc60e3e561b2b6

  • SHA256

    9083992637e90e412e6f4e77331eb69ee8db821c54bbc38533e0f889cc4ca9dd

  • SHA512

    522d5be2803fbce0d12c325cc2ef1e3a92cec03aeba7d1164530093ad58caecd827dd557ca3c182a66c6667150e731de37bb552d19425f96cc78fe3423e1a863

  • SSDEEP

    12288:eKmlz464jAfhe5pUC1jAXBoFACBfz6JMW0rwrsu:oz4d/5iCj0BoNBb6Jh3

Malware Config

Extracted

Family

fickerstealer

C2

80.87.192.115:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
