ffdroider | 06513f1517419cea31daa73ceb9ff9fbe6ffaa8bdd66d7e3af95b84c377c546a | Triage

Sharing

General

Target

0x000600000001413d-159.dat
Size

4.6MB
Sample

240301-syztyshd74
MD5

a026d536a303ffb878a59e3fbecfa54f
SHA1

adec7d1bbbeb0165cc8467be53fd150a4a518c53
SHA256

06513f1517419cea31daa73ceb9ff9fbe6ffaa8bdd66d7e3af95b84c377c546a
SHA512

841b9296d45b0663a6673861520e0c903e4c891b2a8b2f5ecfb9b2af14278cc708d3fd2183d34168263470f88936d27ba9dbc0b8463bd8537b14ece5c54f97ed
SSDEEP

98304:yoR2I5wqk0BAX3yRx31gjqpSTZZpzGcyn4OiZrq1DfPHNADtV6v+D:5/lSZpzGp4O7NADtV6v+

Score

10^/10

ffdroider evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  0x000600000001413d-159.dat
- Size
  
  4.6MB
- MD5
  
  a026d536a303ffb878a59e3fbecfa54f
- SHA1
  
  adec7d1bbbeb0165cc8467be53fd150a4a518c53
- SHA256
  
  06513f1517419cea31daa73ceb9ff9fbe6ffaa8bdd66d7e3af95b84c377c546a
- SHA512
  
  841b9296d45b0663a6673861520e0c903e4c891b2a8b2f5ecfb9b2af14278cc708d3fd2183d34168263470f88936d27ba9dbc0b8463bd8537b14ece5c54f97ed
- SSDEEP
  
  98304:yoR2I5wqk0BAX3yRx31gjqpSTZZpzGcyn4OiZrq1DfPHNADtV6v+D:5/lSZpzGp4O7NADtV6v+
Score

7^/10

spyware stealer evasion trojan
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionspywarestealertrojan