ffdroider | 2781b3209b36b385ac125836544fff3394376e5b17812bc0d7f9ea89c997e2c2 | Triage

Submit
Reports

Overview

overview

Static

static

2781b3209b...c2.exe

windows7-x64

2781b3209b...c2.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2781b3209b36b385ac125836544fff3394376e5b17812bc0d7f9ea89c997e2c2.exe

Resource

win7-20220901-en

ffdroider spyware stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

2781b3209b36b385ac125836544fff3394376e5b17812bc0d7f9ea89c997e2c2.exe

Resource

win10v2004-20220901-en

ffdroider evasion spyware stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

2781b3209b36b385ac125836544fff3394376e5b17812bc0d7f9ea89c997e2c2
Size

1.3MB
MD5

8827cdc197863cfa6cbadc731540832b
SHA1

b96f9125b61a99afb83a6566f7feb11fd97ca305
SHA256

2781b3209b36b385ac125836544fff3394376e5b17812bc0d7f9ea89c997e2c2
SHA512

4f3cb6d7b5025463a1e8087c2e6ffe1e2186b7b18bea5b374894fabd69024cb03a1adb83aae498a826ce4160c226f23934e811f8ae8dc26e2c759ab62dbeb7f9
SSDEEP

24576:ccURbdngEBJKuumfsEOJrpDI6mUfdRiETmqWVS6ZShnakTufpPBnkqrXepgfVYyc:ccURpgmJBr+JVIsdRi/MYBBnky3VRc

Score

10^/10

ffdroider

Malware Config

Extracted

Family

ffdroider

C2

http://101.36.107.74

Signatures

Ffdroider family
ffdroider

Files

2781b3209b36b385ac125836544fff3394376e5b17812bc0d7f9ea89c997e2c2
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy