General

  • Target

    87b254d98f7521325ee83bbf43081cd1

  • Size

    493KB

  • Sample

    240201-x34e6adaf4

  • MD5

    87b254d98f7521325ee83bbf43081cd1

  • SHA1

    fdc3d5d5ac821d0d83d4ac6b8b1d2b415f2782ea

  • SHA256

    6f292714105ffc66803d6e5975965d28614af6c9d05eaaf9fc926f920d1f0517

  • SHA512

    5837dc0e75187f851cd2c31f0cdda46362c94ca85af76c8805088848ec51f771878167eba46b61a45f19ceaab757e9f1d868499669067d4494388e009ccb7252

  • SSDEEP

    12288:D0SQqzsJJQsdfc9UXHeT+EiARwoOG5MW0rwrsu:DHOtXHeT+Ei2Bh3

Malware Config

Extracted

Family

fickerstealer

C2

80.87.192.115:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
