Resubmissions

09-07-2024 06:47

240709-hkayka1cmn 4

06-06-2024 13:11

240606-qffx1see5v 10

General

  • Target

    aLZhlBKT

  • Size

    2KB

  • Sample

    240606-qffx1see5v

  • MD5

    f124b5c09d374d0f69d640b89a9ee2c2

  • SHA1

    b3eabbdb05e682802b862161cd584468095ba168

  • SHA256

    e99ca0fc692290f683b6a3e0ad3812894f539a4a7c8f20998b17b006d1e92dc8

  • SHA512

    03477213af313cad9fee791d9bed12ac887fe999b19169024413720289037e2b832f39d99a6de270fe124f4560209a6ea6c5a4a6f415ded5dfaaacbb898732cc

Malware Config

Extracted

Family

fickerstealer

C2

45.93.201.181:80

Targets

    • Target

      aLZhlBKT

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
