Extracted

• • Target

    8b465138efb2dfa3aaed56602c91e63ee0b49cf22541abbe0cad468965dcf62e

  • Size

    287KB

  • MD5

    1467dc7eb680c9d0cb7b06ac0f705b11

  • SHA1

    f1dde1caf3515b309320bdbff52a45d3ecf48032

  • SHA256

    8b465138efb2dfa3aaed56602c91e63ee0b49cf22541abbe0cad468965dcf62e

  • SHA512

    3fd09e5612d4cae5dbd5c60e8181b774c864ba1ea073b6aaa6ba673b752571c66c7c8ece68ea0005050e3d0835a21e2b91e91e6d68ac8f5e0e8cdc0e8c74359d

  • SSDEEP

    6144:5lHtI7d1YZzX2+6r8bzP+yKbtXacf3lCEV:K7s48bD+ptqS3IE

  Score

  10^/10

  fickerstealerdiscoveryinfostealer

  • Fickerstealer

    Ficker is an infostealer written in Rust and ASM.

    infostealerfickerstealer

  • Fickerstealer family

    fickerstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2