Resubmissions

07-10-2024 20:45

241007-zjry5axama 10

07-10-2024 20:33

241007-zbw8wasgmn 10

General

  • Target

    f9abb9d06c184267a2663080a74cef9b30840afe7062882668ba2bca3d329c2a

  • Size

    5.6MB

  • Sample

    241007-zjry5axama

  • MD5

    3d174a94e83b2a59d05c68eaa7aa761f

  • SHA1

    fabf2977736c850f3e40cf92731e171395b7a346

  • SHA256

    f9abb9d06c184267a2663080a74cef9b30840afe7062882668ba2bca3d329c2a

  • SHA512

    976f21560adb97c8c0083040d1d01120e20a86168ec2ff47efdf8f6f7718d97d94068d32014d8f4e87153d851908fcc956dd066b694cf02b0f8d6d8e368a6dc3

  • SSDEEP

    12288:jO+SiBMdiBnf34FjalriBLHE45xu4XF5wfhonyueie2L7Ax+2bw8jUEJB7Njk9En:KmVfqalritE4NV5wf8euA3wmXNjsE+

Malware Config

Extracted

Family

fickerstealer

C2

85.17.190.28:80

Targets

    • Target

      f9abb9d06c184267a2663080a74cef9b30840afe7062882668ba2bca3d329c2a

    • Size

      5.6MB

    • MD5

      3d174a94e83b2a59d05c68eaa7aa761f

    • SHA1

      fabf2977736c850f3e40cf92731e171395b7a346

    • SHA256

      f9abb9d06c184267a2663080a74cef9b30840afe7062882668ba2bca3d329c2a

    • SHA512

      976f21560adb97c8c0083040d1d01120e20a86168ec2ff47efdf8f6f7718d97d94068d32014d8f4e87153d851908fcc956dd066b694cf02b0f8d6d8e368a6dc3

    • SSDEEP

      12288:jO+SiBMdiBnf34FjalriBLHE45xu4XF5wfhonyueie2L7Ax+2bw8jUEJB7Njk9En:KmVfqalritE4NV5wf8euA3wmXNjsE+

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks