Overview

overview

9

Static

static

1

2024-02-12...ia.exe

windows7-x64

9

2024-02-12...ia.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-12_22fe0401dfa96d52bd8c992f54d741ec_floxif_mafia

  • Size

    1.8MB

  • Sample

    240212-w2jtpaah6s

  • MD5

    22fe0401dfa96d52bd8c992f54d741ec

  • SHA1

    a32d1f23364e6959f1184ef6802bedca66ea0714

  • SHA256

    0851550163c50d41dd61f1b0c82b20c134003e54068e48572147b834ccea9945

  • SHA512

    0dc466782ba3bac915c522cf8fe3796470d6ad7256b4770808823e84d3cd7ea669236069fc55abcd00e9673080b78945a47664f4943f47b16a8795406eeeb0cb

  • SSDEEP

    49152:W5Zp6SIguuBe5+s5TvDwpPtwHvehhFKT8oBaqBeqyZSERu9Wq:W5qSfuuUv0pPWehhFMBpBeq0k

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      2024-02-12_22fe0401dfa96d52bd8c992f54d741ec_floxif_mafia

    • Size

      1.8MB

    • MD5

      22fe0401dfa96d52bd8c992f54d741ec

    • SHA1

      a32d1f23364e6959f1184ef6802bedca66ea0714

    • SHA256

      0851550163c50d41dd61f1b0c82b20c134003e54068e48572147b834ccea9945

    • SHA512

      0dc466782ba3bac915c522cf8fe3796470d6ad7256b4770808823e84d3cd7ea669236069fc55abcd00e9673080b78945a47664f4943f47b16a8795406eeeb0cb

    • SSDEEP

      49152:W5Zp6SIguuBe5+s5TvDwpPtwHvehhFKT8oBaqBeqyZSERu9Wq:W5qSfuuUv0pPWehhFMBpBeq0k

    Score
    9/10
    upxpersistence

    • UPX dump on OEP (original entry point)

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks