General

  • Target

    94031fe0fbda71abdfa4f51c370d0da17deae7578549a81335dfbb446f75c474

  • Size

    1.9MB

  • Sample

    220424-2x7mvaabc3

  • MD5

    beb93a48eefd9be5e5664754e9c6f175

  • SHA1

    d007e52aa93034a54b2f8167e3bcdcff8a65a63d

  • SHA256

    94031fe0fbda71abdfa4f51c370d0da17deae7578549a81335dfbb446f75c474

  • SHA512

    7b7ca6a538eed77f8a10aa9628466a2d41d3133510663d065594ee83dfec5e432d8a0bd206b7383e014f8bad282c736662d22c9b9e5705436ec235e8c384cb2a
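Before relying on this report for a sample you hold, recompute all four digests in a single pass and compare them with the values listed above. The script below is an added example, not part of the sandbox report; the expected values are copied from the General section, and `digest_bytes` exists only so the logic can be exercised on constructed input without the real sample.

```python
"""Recompute the MD5/SHA1/SHA256/SHA512 of a file in one pass and report
which of the report's listed digests (if any) do not match.
Added example; the expected digests are the ones printed in the report."""
import hashlib
import io
from typing import BinaryIO, Dict, List

# Digests as listed in the report's General section.
PAGE_HASHES = {
    "md5": "beb93a48eefd9be5e5664754e9c6f175",
    "sha1": "d007e52aa93034a54b2f8167e3bcdcff8a65a63d",
    "sha256": "94031fe0fbda71abdfa4f51c370d0da17deae7578549a81335dfbb446f75c474",
    "sha512": "7b7ca6a538eed77f8a10aa9628466a2d41d3133510663d065594ee83dfec5e43"
              "2d8a0bd206b7383e014f8bad282c736662d22c9b9e5705436ec235e8c384cb2a",
}


def digest_stream(stream: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, object]:
    """Feed the stream once through every hasher; also count bytes so the
    1.9MB size in the report can be sanity-checked."""
    hashers = {name: hashlib.new(name) for name in PAGE_HASHES}
    size = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    out: Dict[str, object] = {name: h.hexdigest() for name, h in hashers.items()}
    out["size"] = size
    return out


def digest_bytes(data: bytes) -> Dict[str, object]:
    """Helper for in-memory input (constructed test data, not the sample)."""
    return digest_stream(io.BytesIO(data))


def mismatches(computed: Dict[str, object], expected: Dict[str, str] = PAGE_HASHES) -> List[str]:
    """Names of the digests in `expected` that differ from `computed`
    (case-insensitive, since tools print hex in either case)."""
    return sorted(
        name for name, value in expected.items()
        if str(computed.get(name, "")).lower() != value.lower()
    )


def verify_file(path: str, expected: Dict[str, str] = PAGE_HASHES) -> bool:
    """True only if every listed digest matches the file at `path`."""
    with open(path, "rb") as f:
        return not mismatches(digest_stream(f), expected)


if __name__ == "__main__":
    import sys
    ok = verify_file(sys.argv[1])
    print("all digests match" if ok else "digest mismatch")
```

Run it as `python verify.py <sample>`; a mismatch on any one algorithm means the file you hold is not the artifact this report describes, regardless of how many of the others agree.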

Targets

    • Target

      94031fe0fbda71abdfa4f51c370d0da17deae7578549a81335dfbb446f75c474

    • FFDroider

Infostealer targeting users of social media platforms; first seen in April 2022.

    • FFDroider Payload

    • Reads user/profile data of web browsers

Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens.

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081): 1 signature

  • Discovery

    System Information Discovery (T1082): 1 signature

  • Collection

    Data from Local System (T1005): 1 signature

Technique IDs above follow ATT&CK v6. T1081 was deprecated when sub-techniques were introduced and its content now lives under T1552.001 (Unsecured Credentials: Credentials In Files); T1082 and T1005 are unchanged in current versions.
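The two behavioural signatures in the Targets section (browser profile reads and the UAC check) and the technique matrix above are two views of the same evidence. The script below replays both signatures over a constructed API-call trace and maps the hits to the ATT&CK v6 IDs the report lists. It is an added example, not Triage's signature engine or export format: the trace layout, the API names matched, the browser artefact paths and the signature-to-technique mapping are all assumptions chosen for illustration.

```python
"""Replay this report's two behavioural signatures over a constructed
API-call trace and map hits to the ATT&CK v6 techniques in the matrix.
Added example; the trace format is an assumed stand-in for a sandbox's
hooked-API log, not the report's own data."""
import re
from typing import Dict, Iterable, List

# Well-known Chromium and Firefox profile artefacts an infostealer reads.
# Assumed minimal list for the example; the report names no specific files.
BROWSER_DATA = [
    re.compile(r"\\(Google\\Chrome|Microsoft\\Edge)\\User Data\\[^\\]+\\"
               r"(Login Data|Cookies|Web Data|History)$", re.I),
    re.compile(r"\\(Google\\Chrome|Microsoft\\Edge)\\User Data\\[^\\]+\\Network\\Cookies$", re.I),
    re.compile(r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I),
]

# The registry value that says whether UAC is enabled.
UAC_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
UAC_VALUE = "EnableLUA"

# Mapping assumed from the report's matrix; T1081 is the v6 ID (now T1552.001).
SIGNATURE_TO_ATTACK = {
    "Reads user/profile data of web browsers": ["T1081", "T1005"],
    "Checks whether UAC is enabled": ["T1082"],
}

FILE_OPEN_APIS = {"NtCreateFile", "NtOpenFile", "CreateFileW", "CreateFileA"}
REG_QUERY_APIS = {"RegQueryValueExW", "RegQueryValueExA", "NtQueryValueKey"}


def match_signatures(trace: Iterable[dict]) -> Dict[str, List[dict]]:
    """Return {signature name: [matching calls]} for signatures that fired."""
    hits: Dict[str, List[dict]] = {name: [] for name in SIGNATURE_TO_ATTACK}
    for call in trace:
        api = call.get("api", "")
        args = call.get("args", {})
        if api in FILE_OPEN_APIS:
            path = args.get("path", "")
            if any(p.search(path) for p in BROWSER_DATA):
                hits["Reads user/profile data of web browsers"].append(call)
        elif api in REG_QUERY_APIS:
            if (args.get("key", "").lower() == UAC_KEY.lower()
                    and args.get("value", "").lower() == UAC_VALUE.lower()):
                hits["Checks whether UAC is enabled"].append(call)
    return {name: calls for name, calls in hits.items() if calls}


def attack_techniques(hits: Dict[str, List[dict]]) -> List[str]:
    """Sorted, de-duplicated technique IDs for the signatures that fired."""
    techniques = set()
    for name in hits:
        techniques.update(SIGNATURE_TO_ATTACK[name])
    return sorted(techniques)


# Constructed trace (not captured from the sample): two browser reads, one
# UAC query, plus two benign calls that must not match.
TRACE = [
    {"api": "RegQueryValueExW", "args": {"key": UAC_KEY, "value": "EnableLUA"}},
    {"api": "NtCreateFile", "args": {"path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"}},
    {"api": "NtCreateFile", "args": {"path": r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\q1w2e3r4.default-release\cookies.sqlite"}},
    {"api": "NtCreateFile", "args": {"path": r"C:\Windows\System32\kernel32.dll"}},
    {"api": "RegQueryValueExW", "args": {"key": r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "value": "Updater"}},
]

if __name__ == "__main__":
    fired = match_signatures(TRACE)
    for name, calls in fired.items():
        print(f"{name}: {len(calls)} call(s)")
    print("ATT&CK:", ", ".join(attack_techniques(fired)))
```

Note that the UAC check is matched on a registry query, not a write: reading EnableLUA is reconnaissance (T1082), while setting it would be a different, more serious signature. Likewise the browser rule matches file opens of the credential and cookie stores rather than any file under the profile directory, so routine reads of unrelated profile files do not inflate the count.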
