General
-
Target
9fdeed473f923e282c4394ff58191cbc
-
Size
470KB
-
Sample
240216-j4b6eaee79
-
MD5
9fdeed473f923e282c4394ff58191cbc
-
SHA1
2ba8aafc4717afd8d374448b2193adba7a3d3f11
-
SHA256
78dce934e15d7dd8be0038d350f32d1d02128b560fb328f954ce44b7fead353e
-
SHA512
f25a915edb13ab797dcb128050b24aa1da90a0531d7d5d2a482e2c7ad74b2dc9792fdf1db4e75fa474e266718a3cdc47468ad6422c54d9498fce588a3d9ddb95
-
SSDEEP
6144:i+0ZycPjPPztWO/9adNDF5AJxbjYfC1lAAJB/L1XaW0rLFb56dpLN4XQKJ3:QycPzPztWuad5ebj09AnxXaW0rN3
Malware Config
Extracted
fickerstealer
asfasfvcxvdbs.com:80
Targets
-
-
Target
9fdeed473f923e282c4394ff58191cbc
-
Size
470KB
-
MD5
9fdeed473f923e282c4394ff58191cbc
-
SHA1
2ba8aafc4717afd8d374448b2193adba7a3d3f11
-
SHA256
78dce934e15d7dd8be0038d350f32d1d02128b560fb328f954ce44b7fead353e
-
SHA512
f25a915edb13ab797dcb128050b24aa1da90a0531d7d5d2a482e2c7ad74b2dc9792fdf1db4e75fa474e266718a3cdc47468ad6422c54d9498fce588a3d9ddb95
-
SSDEEP
6144:i+0ZycPjPPztWO/9adNDF5AJxbjYfC1lAAJB/L1XaW0rLFb56dpLN4XQKJ3:QycPzPztWuad5ebj09AnxXaW0rN3
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-