General
-
Target
d56c1454ba50e5726df1c1f9cb64c310
-
Size
446KB
-
Sample
240319-g6lfrada6x
-
MD5
d56c1454ba50e5726df1c1f9cb64c310
-
SHA1
18e3ff47adbe879d8329d9d614fea679416ac126
-
SHA256
3ba446e8536427d61e5a46027cf0b60603cc9875fd91df2f3603e6ade817c33f
-
SHA512
92780f6af372e4055e5180d1047d733d2d138359718c72528e6d6541768def02f00d8de8042b7ba33df8c66359ee58167a9c34d8751f8e5907b9054904b882a1
-
SSDEEP
6144:tSLlO+SzMZpSIhX+Yrk9upCTOo+jlXPMW0rLAb56dpLN4XQKJrsu:8A+SQpSIDrk9KNPMW0rwrsu
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
-
-
Target
d56c1454ba50e5726df1c1f9cb64c310
-
Size
446KB
-
MD5
d56c1454ba50e5726df1c1f9cb64c310
-
SHA1
18e3ff47adbe879d8329d9d614fea679416ac126
-
SHA256
3ba446e8536427d61e5a46027cf0b60603cc9875fd91df2f3603e6ade817c33f
-
SHA512
92780f6af372e4055e5180d1047d733d2d138359718c72528e6d6541768def02f00d8de8042b7ba33df8c66359ee58167a9c34d8751f8e5907b9054904b882a1
-
SSDEEP
6144:tSLlO+SzMZpSIhX+Yrk9upCTOo+jlXPMW0rLAb56dpLN4XQKJrsu:8A+SQpSIDrk9KNPMW0rwrsu
Score10/10-
Fickerstealer
Ficker is an infostealer written in Rust and ASM.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-