General
-
Target
36e7c8a3e42a6cc8b082dd1d7aec08f1.exe
-
Size
457KB
-
Sample
240110-ya4qwsfgg7
-
MD5
36e7c8a3e42a6cc8b082dd1d7aec08f1
-
SHA1
0883b540fe0908bdb3a69d84273e37a52af5618d
-
SHA256
238942efe3736ff73e7674abb5eb809c42bf0c510f6d1729344fd19b7fe5fbd5
-
SHA512
f72ea6a3d5f1a68e5d41104f8cf6bb20b26bb0601be8f8a624485345817018d5e5616e1db54aca2933afdc675d8617bd0335be4ed2e5ebbdc9820f984f4e636b
-
SSDEEP
6144:U1eXLHWlZb7rvAQT62LvoVzqKxx10wJ3LcJz9MMW0rLAb56dpLN4XQKJrsu:USCZb7TfL8zFxx10wJ7cJ6MW0rwrsu
Static task
static1
Behavioral task
behavioral1
Sample
36e7c8a3e42a6cc8b082dd1d7aec08f1.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
36e7c8a3e42a6cc8b082dd1d7aec08f1.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
-
-
Target
36e7c8a3e42a6cc8b082dd1d7aec08f1.exe
-
Size
457KB
-
MD5
36e7c8a3e42a6cc8b082dd1d7aec08f1
-
SHA1
0883b540fe0908bdb3a69d84273e37a52af5618d
-
SHA256
238942efe3736ff73e7674abb5eb809c42bf0c510f6d1729344fd19b7fe5fbd5
-
SHA512
f72ea6a3d5f1a68e5d41104f8cf6bb20b26bb0601be8f8a624485345817018d5e5616e1db54aca2933afdc675d8617bd0335be4ed2e5ebbdc9820f984f4e636b
-
SSDEEP
6144:U1eXLHWlZb7rvAQT62LvoVzqKxx10wJ3LcJz9MMW0rLAb56dpLN4XQKJrsu:USCZb7TfL8zFxx10wJ7cJ6MW0rwrsu
Score10/10-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-