General
-
Target
2024-06-18_dcc13fa2f0072cef2e9057eebe01aec3_floxif_mafia
-
Size
3.9MB
-
Sample
240618-t7j1jawbpm
-
MD5
dcc13fa2f0072cef2e9057eebe01aec3
-
SHA1
602b13bdf791b24b333efbbfc5455f1dd3a9cdc3
-
SHA256
6b79a0c11edc361b7efb6721dc9bd4aa0fa24d68b2a14b9dbacba849ae39408d
-
SHA512
9cb8f60e06b5dee4c475dbcc4056a593a4952b4f6aab65843967b8d46196ac164ac91538e02771a4180c660fc55dd047c1208eb988c50a2ac145b0c6241a96b1
-
SSDEEP
98304:1g+ESjoa9kZ6DRwcEtzCyQWuKglLgEQ/PF9rj+De0nzQUyH:1g+ESJ9k6bOuTgzF9rj+DoUM
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-18_dcc13fa2f0072cef2e9057eebe01aec3_floxif_mafia.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2024-06-18_dcc13fa2f0072cef2e9057eebe01aec3_floxif_mafia.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-18_dcc13fa2f0072cef2e9057eebe01aec3_floxif_mafia
-
Score
9/10
-
UPX dump on OEP (original entry point)
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-