General

  • Target

    7b722b1a1468521d3835b9ec6ae6f489

  • Size

    1.8MB

  • Sample

    240127-2cz29sdeg6

  • MD5

    7b722b1a1468521d3835b9ec6ae6f489

  • SHA1

    25d257d8ffdcc3d381d528762e88d9521cb69d42

  • SHA256

    b7c28d5f830c3e40bc9a86bb17116a2a52dd550f4492644abde97355f621033e

  • SHA512

    acb7e26422526054ae9e9c4df91d0793fb8d455b21d0d71087db7eff9fc478ca189c2f9a3ef3751d1ea95340c808dacd898a068fc1e7be6dae2abcb4ae1c8321

  • SSDEEP

    49152:5SUtD+mjeXp1030T09o5STaigawNDxgxotLu:76dL0klwTai5sLu

Malware Config

Extracted

Family

fickerstealer

C2

91.211.248.143:80

Targets

    • Target

      7b722b1a1468521d3835b9ec6ae6f489

    • Size

      1.8MB

    • MD5

      7b722b1a1468521d3835b9ec6ae6f489

    • SHA1

      25d257d8ffdcc3d381d528762e88d9521cb69d42

    • SHA256

      b7c28d5f830c3e40bc9a86bb17116a2a52dd550f4492644abde97355f621033e

    • SHA512

      acb7e26422526054ae9e9c4df91d0793fb8d455b21d0d71087db7eff9fc478ca189c2f9a3ef3751d1ea95340c808dacd898a068fc1e7be6dae2abcb4ae1c8321

    • SSDEEP

      49152:5SUtD+mjeXp1030T09o5STaigawNDxgxotLu:76dL0klwTai5sLu

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Tasks