General

  • Target

    9b36c90f30bd2fddc8dd31652121f68c

  • Size

    529KB

  • Sample

    240214-kfzr8seh59

  • MD5

    9b36c90f30bd2fddc8dd31652121f68c

  • SHA1

    a6de8b0926e2ee724e6b377dd6309db1817b1c8d

  • SHA256

    b902e1f3442956ea6c039a41b19fd94517fd70882b433d7958bbe6d481123b62

  • SHA512

    f9ce98ce554f72b544d939b1714c76bebe7b95238aef7921db68064a797e4abad839b82415b1455d51a53a013ef1ab6dbf1a942bc419f69210e13e081d18e778

  • SSDEEP

    12288:VO3CZpG0g7cWlVtR4nre3JyDoZI2MW0rwrsu:rZpG0QPin63JaoZI2h3

Malware Config (Extracted)

  • Family

    fickerstealer

  • C2

    80.87.192.115:80

Targets

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks