ioc[.]one - OSINT Cyber Threat Intelligence Database

Malware Analysis — FFDroider

Tags

attack-pattern:

Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	6dd2fdac-d598-4195-a1c5-e1566690152e
Fingerprint	82061f092db702a7
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 9, 2022, 7:35 a.m.
Added to db	Sept. 11, 2022, 12:36 p.m.
Last updated	Nov. 17, 2024, 5:58 p.m.
Headline	Malware Analysis [#2] — FFDroider
Title	Malware Analysis — FFDroider
Detected Hints/Tags/Attributes	24/1/15

Source URLs

	Redirection	Url
Details	Source	https://infosecwriteups.com/malware-analysis-ffdroider-21a3fc0fe40f?source=rss----7b722bfd1b8d---4
Details	Source	https://infosecwriteups.com/malware-analysis-ffdroider-21a3fc0fe40f?source=rss----7b722bfd1b8d---4&gi=5b9ba537f969

URL Provider

Details	Provider	Source level domain
Details	infosecwriteups.com	infosecwriteups.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	136	✔	InfoSec Write-ups - Medium	https://infosecwriteups.com/feed	2024-08-30 22:08
Details	163	✔	—	https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	1		fbrobot.exe
Details	File	1		string.txt
Details	File	7		ielowutil.exe
Details	File	146		wininet.dll
Details	File	11		ieframe.dll
Details	File	59		netapi32.dll
Details	File	229		advapi32.dll
Details	File	53		iphlpapi.dll
Details	File	2		il.php
Details	File	54		install.exe
Details	File	31		tmp.exe
Details	md5	1		b1d856afe8ffd2649843d64affe9d4c3
Details	IPv4	1		152.32.193.91
Details	Url	1		https://152.32.193.91/seemorebty
Details	Windows Registry Key	36		HKCU\Software