Overview

overview

10

Static

static

3

9fdeed473f...bc.exe

windows7-x64

10

9fdeed473f...bc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9fdeed473f923e282c4394ff58191cbc

  • Size

    470KB

  • Sample

    240216-j4b6eaee79

  • MD5

    9fdeed473f923e282c4394ff58191cbc

  • SHA1

    2ba8aafc4717afd8d374448b2193adba7a3d3f11

  • SHA256

    78dce934e15d7dd8be0038d350f32d1d02128b560fb328f954ce44b7fead353e

  • SHA512

    f25a915edb13ab797dcb128050b24aa1da90a0531d7d5d2a482e2c7ad74b2dc9792fdf1db4e75fa474e266718a3cdc47468ad6422c54d9498fce588a3d9ddb95

  • SSDEEP

    6144:i+0ZycPjPPztWO/9adNDF5AJxbjYfC1lAAJB/L1XaW0rLFb56dpLN4XQKJ3:QycPzPztWuad5ebj09AnxXaW0rN3

Score
10/10
fickerstealerinfostealer

Malware Config

Extracted

Family

fickerstealer

C2

asfasfvcxvdbs.com:80

Targets

    • Target

      9fdeed473f923e282c4394ff58191cbc

    • Size

      470KB

    • MD5

      9fdeed473f923e282c4394ff58191cbc

    • SHA1

      2ba8aafc4717afd8d374448b2193adba7a3d3f11

    • SHA256

      78dce934e15d7dd8be0038d350f32d1d02128b560fb328f954ce44b7fead353e

    • SHA512

      f25a915edb13ab797dcb128050b24aa1da90a0531d7d5d2a482e2c7ad74b2dc9792fdf1db4e75fa474e266718a3cdc47468ad6422c54d9498fce588a3d9ddb95

    • SSDEEP

      6144:i+0ZycPjPPztWO/9adNDF5AJxbjYfC1lAAJB/L1XaW0rLFb56dpLN4XQKJ3:QycPzPztWuad5ebj09AnxXaW0rN3

    Score
    10/10
    fickerstealerinfostealer

    • Fickerstealer

      Ficker is an infostealer written in Rust and ASM.

      infostealerfickerstealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks