fickerstealer | 4ca44bdbb7bf314ea7b4635adf0c514f9640888fa36f88da480f8c849a603994 | Triage

Sharing

General

Target

4ca44bdbb7bf314ea7b4635adf0c514f9640888fa36f88da480f8c849a603994.zip
Size

174KB
Sample

250325-275k8stzay
MD5

3e9dad4b06f44ab9d290abb4973fc1c3
SHA1

c1fa1eedf512eeac864edb28dfd44a552f2195c5
SHA256

4ca44bdbb7bf314ea7b4635adf0c514f9640888fa36f88da480f8c849a603994
SHA512

24b3b74ccf8804cd443b0525b3cc90f43b98aa5ceb8be603d54d6fc05c1ba2c22f832660ba15c592bfe274a3d460a495e5361db229f3d3e02c2a4660e2ed9834
SSDEEP

3072:HdbB+i54wXhpHUkb2mynoYwaRNzY1Gyck7YeduWJU8SB57X2P:9SwXvKbwaRNzhHZmP

Score

10^/10

fickerstealer discovery infostealer

Malware Config

Extracted

Family

fickerstealer

C2

otsoebabe.com:80

Targets

- Target
  
  hajdfjadf.bin
- Size
  
  421KB
- MD5
  
  107f4a58dc56c803088abb23d29b279c
- SHA1
  
  a5c6d9600c54e5d02d92ed442e4c8c196a94227b
- SHA256
  
  efc00db9c76fdbe84af2407b4cc94bbafaa06212176241606db3d11380f22738
- SHA512
  
  0dae540a4c97d2165c608f8ae9c784dca684bc83b82b67e3a3c0387f2858cd469d1437e7d11e822ddb9e2973c4cb45a9e75d3f6f41be00bd87b0edfcb2a45aec
- SSDEEP
  
  6144:oUVt8kFl+t/zuRqQHvYRg8alf92A+0cH6ePs//YohtnyvGW0rLAbx6dpLN4XQKJ3:ooFlOarUalF2Jizny+W0rS3
Score

10^/10

fickerstealer discovery infostealer
- Fickerstealer
  Ficker is an infostealer written in Rust and ASM.
  infostealer fickerstealer
- Fickerstealer family
  fickerstealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fickerstealerdiscoveryinfostealer

behavioral2

fickerstealerdiscoveryinfostealer