General

  • Target

    69a5e1d3f75a88d789af6994f5f7fc88128c2f057a5e46ac5bb759593f28406f

  • Size

    5.6MB

  • Sample

    240930-lvt1zatape

  • MD5

    e13ccf47d99d92e295cd58b2294aa99f

  • SHA1

    ba1a59a84775b8bf494df3ef4908f40cd638e2bd

  • SHA256

    69a5e1d3f75a88d789af6994f5f7fc88128c2f057a5e46ac5bb759593f28406f

  • SHA512

    9043ad00b8942be31ccc65c8f7ab173f4d83f9ac0a83297861e608abd7e7a0a5d2999ac1a39d7083e8bf99ed4c760cfa124871bb814589fdc0596cf024c85612

  • SSDEEP

    12288:jO+SiBMdiBnf34FjalriBLHE45xu4XF5wfhonyueie2L7Ax+2bw8jUEJB7Njk9En:KmVfqalritE4NV5wf8euA3wmXNjsE+

Malware Config

Extracted

Family

fickerstealer

C2

85.17.190.28:80

Targets

    • Target

      69a5e1d3f75a88d789af6994f5f7fc88128c2f057a5e46ac5bb759593f28406f

    • Size

      5.6MB

    • MD5

      e13ccf47d99d92e295cd58b2294aa99f

    • SHA1

      ba1a59a84775b8bf494df3ef4908f40cd638e2bd

    • SHA256

      69a5e1d3f75a88d789af6994f5f7fc88128c2f057a5e46ac5bb759593f28406f

    • SHA512

      9043ad00b8942be31ccc65c8f7ab173f4d83f9ac0a83297861e608abd7e7a0a5d2999ac1a39d7083e8bf99ed4c760cfa124871bb814589fdc0596cf024c85612

    • SSDEEP

      12288:jO+SiBMdiBnf34FjalriBLHE45xu4XF5wfhonyueie2L7Ax+2bw8jUEJB7Njk9En:KmVfqalritE4NV5wf8euA3wmXNjsE+

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks