Extracted

• • Target

    3476deb75801446ac3a3df7326dcac73

  • Size

    920KB

  • MD5

    3476deb75801446ac3a3df7326dcac73

  • SHA1

    863b9c8518e6542d69b8b413766158c0f1a2b1a0

  • SHA256

    0e531029c9914e235afd9f2312bfeb6e78303c5afb5e3c5cc753a7825c132944

  • SHA512

    69cf604c777ea7c41353378523686b8e2b5e6912b35f82c0d8ec34aa569975d53f15e085424f8c899b9e12ddf3532c9e7e07a41cd19016120ee4de0a9213ce1b

  • SSDEEP

    12288:mJ63CEYPtxrkzDxQnvfQBao68kZHRfEBUDOumP2f4sWAoBfg7HI1ShDebZB:mJzKDGnVeARf4P2wjBfEo1M0Z

  Score

  10^/10

  ffdroiderstealervmprotectevasionspywaretrojan

  • FFDroider

    Stealer targeting social media platform users first seen in April 2022.

    stealerffdroider

  • FFDroider payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • VMProtect packed file

    Detects executables packed with VMProtect commercial packer.

    vmprotect

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2