Malware-Traffic-Analysis.net - 2025-12-11: SmartApeSG ClickFix activity using finger command

2025-12-11 (THURSDAY): SMARTAPESG CLICKFIX ACTIVITY USING FINGER COMMAND

ASSOCIATED FILES:

2025-12-11-IOCs-for-SmartApeSG-ClickFix-activity.txt.zip 1.1 kB (1,060 bytes)
2025-12-11-HTTPS-traffic-for-SmartApeSG-ClickFix-page.zip 202.0 kB (202,030 bytes)
2025-12-11-SmartApeSG-ClickFix-activity.pcap.zip 44.1 MB (44,147,432 bytes)
2025-12-11-malware-and-artifacts-from-SmartApeSG-ClickFix-activity.zip 38.6 MB (38,634,378 bytes)

NOTES:

I got a full infection when I ran the ClickFix script on a physical host. It didn't work on the VM.
This is activity I originally recorded for a SANS ISC diary I wrote at https://isc.sans.edu/diary/ClickFix+Attacks+Still+Using+the+Finger/32566/

Click here to return to the main page.