General

  • Target

    9b3a48885e68dc3b8789d40b1b17cf29

  • Size

    590KB

  • Sample

    240214-klh2nsdh8z

  • MD5

    9b3a48885e68dc3b8789d40b1b17cf29

  • SHA1

    dd5cd00cad61141902edb80b9e7b0f1871014129

  • SHA256

    10e1f1c29be80c8dd103f9fcb440ca20524a93c803dd6456218bdc0969942f3a

  • SHA512

    772c9d42d9cd1b1bb1aa4ee9c1c60325d1d1c8cb30d4229925854053f5dbb01acbe872544ca3423643a91d3507b53d2159c1ee2b58a7a354c6d734245d2e2604

  • SSDEEP

    12288:DFGTTS9rj8Caiyad10SmvEFPxUJ35mIMW0rwrsu:sT+1xdiEZxA35mIh3

Malware Config

Extracted

  • Family

    fickerstealer

  • C2

    80.87.192.115:80

Targets

    • Target

      9b3a48885e68dc3b8789d40b1b17cf29

    • Size

      590KB

    • MD5

      9b3a48885e68dc3b8789d40b1b17cf29

    • SHA1

      dd5cd00cad61141902edb80b9e7b0f1871014129

    • SHA256

      10e1f1c29be80c8dd103f9fcb440ca20524a93c803dd6456218bdc0969942f3a

    • SHA512

      772c9d42d9cd1b1bb1aa4ee9c1c60325d1d1c8cb30d4229925854053f5dbb01acbe872544ca3423643a91d3507b53d2159c1ee2b58a7a354c6d734245d2e2604

    • SSDEEP

      12288:DFGTTS9rj8Caiyad10SmvEFPxUJ35mIMW0rwrsu:sT+1xdiEZxA35mIh3

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks