General

  • Target: d5a6d4fbbfcd6dc054aa0b54156c5808
  • Size: 478KB
  • Sample: 240319-kar57sef98
  • MD5: d5a6d4fbbfcd6dc054aa0b54156c5808
  • SHA1: 1ff49278fbef6296c40af0990194a561961872ac
  • SHA256: 279918fed3f225b8003352a49614b0ce77bd50dbe4b2b7c1c30001ad7cd81436
  • SHA512: 708b2d2659b1f03c594359b5cde135e666a91d91397e7470cfcc3cae92252f67f0c11dd2f7e84ad16745ec4904707bcd707dedcc7ae0c71c1e7280e574214a21
  • SSDEEP: 6144:FNgmxwEFVREjzbsqQmd2hM1odm3SLX5WeGak7gRwRwoOLCMW0rLAb56dpLN4XQKl:FNFwEFVp41Om3StFekMwoO2MW0rwrsu

Malware Config

Extracted

  • Family: fickerstealer
  • C2: 80.87.192.115:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
