fickerstealer | 8a0772d0b96be2e3ea63320f194961906560ea9b6bedef47239aaa0faa52816a | Triage

Sharing

General

Target

d606fd6b342d804968cc31341dbae523
Size

430KB
Sample

240319-nwd29abc24
MD5

d606fd6b342d804968cc31341dbae523
SHA1

37788e6afb13dd6a5d6859072f4e099d6d961cf6
SHA256

8a0772d0b96be2e3ea63320f194961906560ea9b6bedef47239aaa0faa52816a
SHA512

e43994250c14d4f2ef386b24734e0486202a259e49e7b22a7435d70bb17b3047fc497f44bc30e66c1307edd3dd4a75e80eae30a40a3725366f47307c434ce7bc
SSDEEP

6144:Pk+nzDvUEvC9JZGKFhRCkMW0rLAb56dpLN4XQKJrsu:Pk+nA9JZGUhzMW0rwrsu

Score

10^/10

fickerstealer infostealer

Malware Config

Extracted

Family

fickerstealer

C2

80.87.192.115:80

Targets

- Target
  
  d606fd6b342d804968cc31341dbae523
- Size
  
  430KB
- MD5
  
  d606fd6b342d804968cc31341dbae523
- SHA1
  
  37788e6afb13dd6a5d6859072f4e099d6d961cf6
- SHA256
  
  8a0772d0b96be2e3ea63320f194961906560ea9b6bedef47239aaa0faa52816a
- SHA512
  
  e43994250c14d4f2ef386b24734e0486202a259e49e7b22a7435d70bb17b3047fc497f44bc30e66c1307edd3dd4a75e80eae30a40a3725366f47307c434ce7bc
- SSDEEP
  
  6144:Pk+nzDvUEvC9JZGKFhRCkMW0rLAb56dpLN4XQKJrsu:Pk+nA9JZGUhzMW0rwrsu
Score

10^/10

fickerstealer infostealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

fickerstealerinfostealer

behavioral2

fickerstealerinfostealer