General
Target
3b5e9f4c6084ea2829600331178d9c03
Size
581KB
Sample
231231-3rj52agber
MD5
3b5e9f4c6084ea2829600331178d9c03
SHA1
3358bfe3fc47f7c8666c14511aae1b146622bd25
SHA256
4315d8ec233574613d2ed77b9f38a803cc43d6370a2333ac5347bc9cac9eb313
SHA512
0df49d2c5ca4f94dc628cd727e1e82bb302b910a80d24ce8d4d2734c88ab94de3688df256d0bc656575494a9c52a532454c37d846071ba0c9888e968fab53af8
SSDEEP
12288:aZ5FCmnH/edWMQgHo3ZpkK6k10Apt7XYZMW0rwrsu:rmnH/8o30Kx1pt7Xeh3
Static task
static1
Behavioral task
behavioral1
Sample
3b5e9f4c6084ea2829600331178d9c03.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3b5e9f4c6084ea2829600331178d9c03.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
Target
3b5e9f4c6084ea2829600331178d9c03
Score
10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext