General
-
Target
d606fd6b342d804968cc31341dbae523
-
Size
430KB
-
Sample
240319-nwd29abc24
-
MD5
d606fd6b342d804968cc31341dbae523
-
SHA1
37788e6afb13dd6a5d6859072f4e099d6d961cf6
-
SHA256
8a0772d0b96be2e3ea63320f194961906560ea9b6bedef47239aaa0faa52816a
-
SHA512
e43994250c14d4f2ef386b24734e0486202a259e49e7b22a7435d70bb17b3047fc497f44bc30e66c1307edd3dd4a75e80eae30a40a3725366f47307c434ce7bc
-
SSDEEP
6144:Pk+nzDvUEvC9JZGKFhRCkMW0rLAb56dpLN4XQKJrsu:Pk+nA9JZGUhzMW0rwrsu
Static task
static1
Behavioral task
behavioral1
Sample
d606fd6b342d804968cc31341dbae523.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d606fd6b342d804968cc31341dbae523.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
fickerstealer
80.87.192.115:80
Targets
Score
10/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-