General

  • Target

    02fae1b6a4d47cfc386b0267fb93c3c3_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240427-lvnh7aga63

  • MD5

    02fae1b6a4d47cfc386b0267fb93c3c3

  • SHA1

    6858061de8c3f0558be3b6f36e73be07b01007fb

  • SHA256

    0d382123819c1e6ba120584adaa1611135a04db677e3be880e91f422fb9c663f

  • SHA512

    ded716fe688f630bfc8f0983f53569b20b6534b66a65db9b9d97434012a643ed63c8b313818528d661ec3d1eb87e13d711f64181a24cad0640f81979a8efe634

  • SSDEEP

    12288:PCG/qboPqVi2AqGj7k9Rey+Nt7BOAth5eQX3S:NCbrK57FtzeQXi

Malware Config

Extracted

  • Family

    fickerstealer

  • C2

    intros.top:80

Targets

    • Target

      02fae1b6a4d47cfc386b0267fb93c3c3_JaffaCakes118

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
