Extracted

• • Target

    d7eb620404874d7f77870f1b1ecaeee3

  • Size

    758KB

  • MD5

    d7eb620404874d7f77870f1b1ecaeee3

  • SHA1

    e281d765ee3facac0140732427c291f1a31d90b4

  • SHA256

    1dce5d2a9682c811f7c4dd7e4f4c8f26ba35bba8803efe316aabddafb41c1708

  • SHA512

    5042740a5f8d650cdce19b07eb45896dac5b76c853a60158b4c09ddbf83f3463ba6789dc93357aad18343add3a84e1e518c9511e0bc1af16ff16966007ad4bb8

  • SSDEEP

    12288:AfZMnJxs7QUxOwR8s3AYxHHu90MnJ33Px1MKU2GLcOPSv8AQv8JyWOOFPDGMi4:AfZMg7QXw2sQYtuHJHpORncOKv8TTWNM

  Score

  10^/10

  ffdroiderstealervmprotectevasionspywaretrojan

  • FFDroider

    Stealer targeting social media platform users first seen in April 2022.

    stealerffdroider

  • FFDroider payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • VMProtect packed file

    Detects executables packed with VMProtect commercial packer.

    vmprotect

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2