General
Target: 1045b0b441c50d7268f9fbcc19a23093f9efae22c0fc006a28e11190f7115fa4
Size: 274KB
Sample: 240731-lasbmssamb
MD5: 9d6fd73873666d91d219cc5cebbaeff9
SHA1: 022ff1a36b2cafdc5197120634076cef6fac5c50
SHA256: 1045b0b441c50d7268f9fbcc19a23093f9efae22c0fc006a28e11190f7115fa4
SHA512: 8333dfd50715e11dc848a45e45dd87bf49ca7437c1b64fbfd0a0efa41711374fe75e08a1fa8b609df80464d173f1a711d4627876e78b969f2d014ff0f6b9e8c0
SSDEEP: 6144:nF6fMGHY2jNSUW2bcNpp4asiNCM68xtEdz4ibA9R2f3pRphO92yW:E0GH/h3IbNNo8xt84ibSe5Rpw9TW
Static task: static1
Behavioral task: behavioral1
Sample: c04433797667c205da21d0b783bdbbbd6ba3ca3d62f43f6e7e911ccdf09007cb.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: c04433797667c205da21d0b783bdbbbd6ba3ca3d62f43f6e7e911ccdf09007cb.exe
Resource: win10v2004-20240730-en
Malware Config
Extracted
fickerstealer
188.120.251.192:80
Targets
Target: c04433797667c205da21d0b783bdbbbd6ba3ca3d62f43f6e7e911ccdf09007cb
Size: 390KB
MD5: 562daf0dafe1eeed0d7b541d39136156
SHA1: 3b432a2b66cd8eb3837d7547ea3eb287f2b26574
SHA256: c04433797667c205da21d0b783bdbbbd6ba3ca3d62f43f6e7e911ccdf09007cb
SHA512: 62abb8de0a46f320161e393560748ffa6ed3f89fa342dbc41e429ae67c5c1248b7facc1e26e203a61131d84eda03de2612bc1f719a0525cbba03e37abac007ba
SSDEEP: 6144:WlztA+MRDqoqLgblVk9hXWADQk8kVh6OV5dVvQ7ceWJdpp00xsu:Wl++MRDsKlahPDQEVpvwWJ5fxsu
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext