fickerstealer | 74512c9b35180a773ca2d9423cfd419d6046ff69aced49d340c0dce137188648 | Triage

Submit
Reports

Overview

overview

Static

static

3

Setup.exe

windows7-x64

Setup.exe

windows10-2004-x64

Sharing

General

Target

Call of Duty Black Ops-SKIDROW.zip
Size

5.1MB
Sample

240320-n46r8sga63
MD5

c74c3601cac9fda67453b40cb54026c4
SHA1

e1ee78a3337426b5d73533d843f0da6c0506f34c
SHA256

74512c9b35180a773ca2d9423cfd419d6046ff69aced49d340c0dce137188648
SHA512

408253bd439687169555a0e2d4275e91620cef983870f1d31e0ac52877d6389bb79162edbca8155dc56eed2a70747f72640f32c93459a555df00ffb599b193de
SSDEEP

98304:hiJ3hSxnS8puRHs57nOeMP3Vill6rQsWizWz+jmcyhTGRThIauHli4:ykxSts7nOeWgsrzWz+6xaFhI9li4

Score

10^/10

fickerstealer infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Setup.exe

Resource

win7-20240221-en

fickerstealer infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

Setup.exe

Resource

win10v2004-20240226-en

fickerstealer infostealer

windows10-2004-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

fickerstealer

C2

45.93.201.181:80

Targets

- Target
  
  Setup.exe
- Size
  
  793.8MB
- MD5
  
  9a851a47a9bd2f92c61d2486d1be3064
- SHA1
  
  3cda31c06db97246705d95dfcf4908eafb514b87
- SHA256
  
  7c2b51c31a895f2eeb6afe748f11d0f6a16355b01c41f22749043c0da7804206
- SHA512
  
  90340910dc1ee90ccfe7f451578de67c5ca32b95525157acd8b5bc2e99b9c0b2254bfb58997cc848a0ead871bc3f1e03dbb152d56aa709c4ecd3742404eec27b
- SSDEEP
  
  196608:6spHQk/ICYcdYtOQYMvm6Iu+8RuJQHIsuRuJyPquRuJXMD349nt3njto03qJbYav:6csCYgIBH2XD349nt3nW03s8up
Score

10^/10

fickerstealer infostealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

fickerstealerinfostealer

behavioral2

fickerstealerinfostealer

© 2018-2024

Terms | Privacy