Overview

overview

10

Static

static

1

dbd4496057...cb.exe

windows7-x64

10

dbd4496057...cb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dbd4496057f599e420904dd6997607cb

  • Size

    498KB

  • Sample

    240321-rk8n9sdc84

  • MD5

    dbd4496057f599e420904dd6997607cb

  • SHA1

    99bd82d3614595f64e6a42b708bd077672ffa866

  • SHA256

    7b99909a1c8d5d1bf431c105678b7b63d1cb56b6fba978e368fc21e9ec6ee723

  • SHA512

    1b2474b39fd49a94cdc6b7240e396cf0ba3e0b614845c0d96249c6a28881c46f932abe60915049307e98ec07fd64bad7ac5e30c37780b65fcbbde6bb45872b03

  • SSDEEP

    12288:y3G6x+KxCvLtJ9F4M7CcWPJYLlMW0rwrsu:y/3ovmJYLlh3

Score
10/10
fickerstealerinfostealer

Malware Config

Extracted

Family

fickerstealer

C2

80.87.192.115:80

Targets

    • Target

      dbd4496057f599e420904dd6997607cb

    • Size

      498KB

    • MD5

      dbd4496057f599e420904dd6997607cb

    • SHA1

      99bd82d3614595f64e6a42b708bd077672ffa866

    • SHA256

      7b99909a1c8d5d1bf431c105678b7b63d1cb56b6fba978e368fc21e9ec6ee723

    • SHA512

      1b2474b39fd49a94cdc6b7240e396cf0ba3e0b614845c0d96249c6a28881c46f932abe60915049307e98ec07fd64bad7ac5e30c37780b65fcbbde6bb45872b03

    • SSDEEP

      12288:y3G6x+KxCvLtJ9F4M7CcWPJYLlMW0rwrsu:y/3ovmJYLlh3

    Score
    10/10
    fickerstealerinfostealer

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

      infostealerfickerstealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks