Extracted

• • Target

    af48f5f3dad69a667accecd6c9c12f86

  • Size

    603KB

  • MD5

    af48f5f3dad69a667accecd6c9c12f86

  • SHA1

    6b55cca1dc73758b15d022b2cd816c641d25defa

  • SHA256

    922c83f2e572dc573347826d66ea1d9fcd4e1b7ec3359713c20e1958af26e8b7

  • SHA512

    75c4ab2813952d8c6abe565b23f79bd98ead16ff4c5810aba0e0b99b5f802d56e750e67a696a10339a641f4ae915f20702b587db4bdb7625213a1460155e4a51

  • SSDEEP

    12288:7XfGdZgSFyfmjyNywcnuqj07lzcMW0rwrsu:7vGf8mTwcnu1Jch3

  Score

  10^/10

  fickerstealerinfostealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2