Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

md9_1sjm.exe

windows7-x64

10

md9_1sjm.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    md9_1sjm.bin

  • Size

    2.1MB

  • Sample

    220718-w8w3laecdk

  • MD5

    3b3d48102a0d45a941f98d8aabe2dc43

  • SHA1

    0dae4fd9d74f24452b2544e0f166bf7db2365240

  • SHA256

    f4fdf9842d2221eb8910e6829b8467d867e346b7f73e2c3040f16eb77630b8f0

  • SHA512

    65ae273b5ea434b268bbd8d38fe325cf62ed3316950796fa90defbc8a74c55fba0a99100f2ae674206335a08e8ea827d01eeccf26adf84ebfeebb0f17cfb7ba8

  • SSDEEP

    49152:wjs8vwLUm1R8Bjiu3bzz23YrpujbsTSB6/6Pp372TMZY:wo8vW1R8Bh3bu3GaBg6ZRY

Score
10/10
ffdroiderevasionspywarestealersuricatatrojan

Malware Config

Extracted

Family

ffdroider

C2

http://186.2.171.3

Targets

    • Target

      md9_1sjm.bin

    • Size

      2.1MB

    • MD5

      3b3d48102a0d45a941f98d8aabe2dc43

    • SHA1

      0dae4fd9d74f24452b2544e0f166bf7db2365240

    • SHA256

      f4fdf9842d2221eb8910e6829b8467d867e346b7f73e2c3040f16eb77630b8f0

    • SHA512

      65ae273b5ea434b268bbd8d38fe325cf62ed3316950796fa90defbc8a74c55fba0a99100f2ae674206335a08e8ea827d01eeccf26adf84ebfeebb0f17cfb7ba8

    • SSDEEP

      49152:wjs8vwLUm1R8Bjiu3bzz23YrpujbsTSB6/6Pp372TMZY:wo8vW1R8Bh3bu3GaBg6ZRY

    Score
    10/10
    ffdroiderspywarestealersuricataevasiontrojan

    • FFDroider

      Stealer targeting social media platform users first seen in April 2022.

      stealerffdroider

    • FFDroider payload

    • suricata: ET MALWARE Win32/FFDroider CnC Activity M2

      suricata: ET MALWARE Win32/FFDroider CnC Activity M2

      suricata

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks