General

  • Target

    39dff8331999da03251fd208b84b8971

  • Size

    534KB

  • Sample

    231231-rt9b6aeegm

  • MD5

    39dff8331999da03251fd208b84b8971

  • SHA1

    00875199238e66ebf0a1782b3c8fc55f6c803810

  • SHA256

    f16532d0481496143ed0b4241cd76e8d0ce91b8c763ef947984636e6ed187394

  • SHA512

    60f194629e08e76b66007077cbf4cb68b7a79222fc44dbef1bb7295662ceff37de7f4b4b14ad0dfd80e9994fa9a06471c124cff7f1b9ad38e52560422c719168

  • SSDEEP

    6144:79jusFJc1l736iyBp27Os7FhFKF6ZLKzGZrNVfs8ViMW0rLAb56dpLN4XQKJrsu:799cCpCbKWN2jMW0rwrsu

Malware Config

Extracted

  • Family

    fickerstealer

  • C2

    80.87.192.115:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext