fickerstealer | 9b6188115efb3c65fa996b0ed552c0d56c2f03e2b2cc10088d79221ae60ea59b | Triage

Sharing

General

Target

Minecraft 1.9.0 Cracked [Full Installer] [Online] [Server List].zip
Size

5.1MB
Sample

240812-msx6aaxenr
MD5

cef3c6cbe55d593d1513830eb74c69ac
SHA1

75c7b09a92b936ec920decbfa55df4a567ffc9c8
SHA256

9b6188115efb3c65fa996b0ed552c0d56c2f03e2b2cc10088d79221ae60ea59b
SHA512

19c9794a02371b8ca8e8ae23657dd2583e9e92a31bde9f91736d5a4ec6696a8964907d273cefb3336c4b59f7a67e113f7ded3acdc415a5fafd9c9794a2a8eeff
SSDEEP

98304:7D2kMQppKa3bVvglS5+n3kGWYh0y04DoOR0kl4lR1q0FTlAG:7Fhe8bNgow5FhEORyDkElF

Score

10^/10

fickerstealer discovery infostealer

Malware Config

Extracted

Family

fickerstealer

C2

45.93.201.181:80

Targets

- Target
  
  Setup.exe
- Size
  
  793.8MB
- MD5
  
  9a851a47a9bd2f92c61d2486d1be3064
- SHA1
  
  3cda31c06db97246705d95dfcf4908eafb514b87
- SHA256
  
  7c2b51c31a895f2eeb6afe748f11d0f6a16355b01c41f22749043c0da7804206
- SHA512
  
  90340910dc1ee90ccfe7f451578de67c5ca32b95525157acd8b5bc2e99b9c0b2254bfb58997cc848a0ead871bc3f1e03dbb152d56aa709c4ecd3742404eec27b
- SSDEEP
  
  196608:6spHQk/ICYcdYtOQYMvm6Iu+8RuJQHIsuRuJyPquRuJXMD349nt3njto03qJbYav:6csCYgIBH2XD349nt3nW03s8up
Score

10^/10

fickerstealer discovery infostealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fickerstealerdiscoveryinfostealer

behavioral2

fickerstealerdiscoveryinfostealer