General
Target: 658a6fa6804da49a4c6da4d69a19ce5e
Size: 451KB
Sample: 240118-vdp55aecd4
MD5: 658a6fa6804da49a4c6da4d69a19ce5e
SHA1: 94174b9464f1f06541ed20fab90c3532eb6b270b
SHA256: 9039617680414a7f00e32f4df348c8ecd5be21dfb2366789e114cde1ed82be16
SHA512: be2965670813d0b0446622cbde9d87fd8fd944459e99ceb402d3a6bdc56a64e781e48f53f74a0d2c220167bc51d67c859a5793ce5e43f507a8b136c546bfbf63
SSDEEP: 12288:d0r5G51U2pb4iORYtih9twqr/vvvzub+ER0CmSCq:dSm1U2pMiORYtGtr3nzuqEegC
Static task: static1
Behavioral task: behavioral1
Sample: 658a6fa6804da49a4c6da4d69a19ce5e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 658a6fa6804da49a4c6da4d69a19ce5e.exe
Resource: win10v2004-20231222-en
Malware Config
Extracted
fickerstealer
91.241.19.100:80
Targets
Target: 658a6fa6804da49a4c6da4d69a19ce5e
Score: 10/10

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext