Extracted

• • Target

    80c53a6f0272c72891d561c3d17ea428

  • Size

    509KB

  • MD5

    80c53a6f0272c72891d561c3d17ea428

  • SHA1

    6788c017a9e366d2c8c295f9b4326a3b53f1071c

  • SHA256

    2a07d19fd34df0e33413d8bfebc26b39c0f86f7a600f869bdda60ecd5976d057

  • SHA512

    99468d2ff130f0541b48d3fed815e7af5892302250df2cc268ae9b401eda1e6298b5df85a92e51c765c4430a6ddf8935cf274f1c79e6f5f7e291e5c8d04ab522

  • SSDEEP

    12288:ERGZnX2cMf1Idc+ihUs5I5Npf1YV71EW0rF3:NnGcD3uU+I5j1YV5y3

  Score

  10^/10

  fickerstealerinfostealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2