General

  • Target

    f62434d2bfd1b9d953618d0be4ba442e3210b821575ae1b1c97ae6aa55ae394a

  • Size

    4.5MB

  • Sample

    240410-sbq9asfb4x

  • MD5

    7912addad41057e4fd93ca599aef6b22

  • SHA1

    6954b0d7afbc34086dda788bd92eb206032b9728

  • SHA256

    f62434d2bfd1b9d953618d0be4ba442e3210b821575ae1b1c97ae6aa55ae394a

  • SHA512

    aaa38daf119f5d7e269059ca98a3ef1bc3bfd73602b560ff0daed1cbd107fc4bcfa524591fd45de2d3c2088af086bab0c1845f3b517c614b99ad345d39914ef3

  • SSDEEP

    98304:57AsIlb8NWY5mIaBJHW++kYal61OGHAwFcfn4mpaM5A1FE/cP:5Ms2KWJ2mrl60HFpP5RkP

Malware Config

Extracted

Family

fickerstealer

C2

86.107.197.85:80

Targets

    • Target

      f62434d2bfd1b9d953618d0be4ba442e3210b821575ae1b1c97ae6aa55ae394a

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
