General
Target
bb63e42e54a05254ef6548d0b3f47cd4
Size
591KB
Sample
240308-qtwkmagb79
MD5
bb63e42e54a05254ef6548d0b3f47cd4
SHA1
85cba54ac296a31fc93fbabd05aa1687f7835d66
SHA256
2c04fcbd90a80c7fd194b868b2d9d7dfc8622e98487e65560375e873034a6899
SHA512
1190305963f3b5c547a946ca317334e86a063a03648c19e770d67071400e863be8aeaff41c274c0f9f49c9584d57ec6e9de97f246e9d3f7332f57130918a2494
SSDEEP
12288:qY41ITc08TD+O0NV7Isj7Hc7PMxy4bAwsMW0rwrsu:qOT38GTpjGGy4Ejh3
Static task
static1
Behavioral task
behavioral1
Sample
bb63e42e54a05254ef6548d0b3f47cd4.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
bb63e42e54a05254ef6548d0b3f47cd4.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
Target
bb63e42e54a05254ef6548d0b3f47cd4
Score
10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext