General
Target: 2024-06-18_b01a38528cc41cf5f5047341625f3c97_avoslocker_floxif
Size: 1009KB
Sample: 240618-t48vgs1frf
MD5: b01a38528cc41cf5f5047341625f3c97
SHA1: 36494114d9e26c7d55a693ce12363910e5ed847a
SHA256: d12aa96ad631335279b569eefd09a0e1d98203b262b42066298163590e7a1242
SHA512: f715a6ae0779f23c4c266f9d528a61a436bf0066f2b97cb7f8bd8ede0a94037746dd168dfb78f61120d04b0175df38f6983b0af48bd5eb252b720ef8686a2b95
SSDEEP: 24576:+NbP+i829rvtMR82UumYYmyUOWmfy7NWlVeh5WKg8QT6cBrEH7l:+5++6+2UumYYmyRWmfy5WlVeOKgQcC
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-18_b01a38528cc41cf5f5047341625f3c97_avoslocker_floxif.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 2024-06-18_b01a38528cc41cf5f5047341625f3c97_avoslocker_floxif.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 9/10

UPX dump on OEP (original entry point)

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL