General

  • Target

    27041b8e37dc80cc783f807c639c2e0e

  • Size

    503KB

  • Sample

    231231-efakfsdbdq

  • MD5

    27041b8e37dc80cc783f807c639c2e0e

  • SHA1

    c4a0ff2bfa649764291378b2a4a46903145b90c5

  • SHA256

    7aa03ed6935a820850ae6a10b4e8715123c0cf79412925a56b7c55a04b4929a6

  • SHA512

    5ee30068efb17ea98f2dcd8ba25caa30a44d938de44ab72b909fa4b34800d45f9b18dc36bea8f92ea9ec2df07bae61bcb31b357b13dbef1a83fbb6393e032515

  • SSDEEP

    12288:plHHjTbTHrU9RZ8V0lQhJdFPwvLmGe0EXaW0rN3:TH/vHga06hJdpcCGhU63

Malware Config

Extracted

Family

fickerstealer

C2

asfasfvcxvdbs.com:80

Targets

    • Target

      27041b8e37dc80cc783f807c639c2e0e

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
