General

  • Target

    344d0fae77046d608a50b4f07f7e2767

  • Size

    510KB

  • Sample

    231231-nkmv1sebal

  • MD5

    344d0fae77046d608a50b4f07f7e2767

  • SHA1

    b600dab2678c4a487c6009e0f3bf8a6bf00efa71

  • SHA256

    1787460d5784f717397a6e3bda4e8b835e855e53a384eb6e50d12311b8788b90

  • SHA512

    fd4ee7a2fb76123dc51c5089a624bbc4ca417a02e2c429850f5d05ad3d244b69e2ff41a6284eadb4dcf229bd96e3730f212b064368c4a0629ed74f6995622e34

  • SSDEEP

    12288:ZSAdQClH18X/kq+Cw6rWdk9n/Bls9EdhWX1EW0rF3:ZPrH1OE+WO9/Bls9oIy3

Malware Config

Extracted

Family

fickerstealer

C2

mistral3.xyz:80

Targets

    • Target

      344d0fae77046d608a50b4f07f7e2767

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
