ffdroider | 912-59-0x0000000000900000-0x0000000000B9E000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

912-59-0x0...ry.exe

windows7-x64

912-59-0x0...ry.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

912-59-0x0000000000900000-0x0000000000B9E000-memory.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

912-59-0x0000000000900000-0x0000000000B9E000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

912-59-0x0000000000900000-0x0000000000B9E000-memory.dmp
Size

2.6MB
MD5

076f62dd531ecfa3ff776f123991c64d
SHA1

5efc51f44c97308e5685de1f585697cb5ba8486d
SHA256

fe9905de02ea82069fa1a2a96d3fbbb6ef95fc622aa5cd7b62d4405fd88af4da
SHA512

88cdb508fb5b0e848b1af3bbda2080276f2e70c3fdbce158ec9bad26dee9f4a408a796a694bc15b07ac2e82c450794ee027deddc51a532b4e4b98c42f9ef44d9
SSDEEP

49152:pRgJRTgCCqBOZMMchnMlRXczKHCC26S3etU3HZ4gyOVbnucYlGjPl:aRsqkZMMcpMvczKHCp+tMqgyOVbnucY2

Score

10^/10

ffdroider

Malware Config

Extracted

Family

ffdroider

C2

http://103.136.42.153

Signatures

Ffdroider family
ffdroider

Files

912-59-0x0000000000900000-0x0000000000B9E000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 882KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 125KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 57KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ask
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy