General
-
Target
b2541a7747212b2e4e250d660fea4c30N.exe
-
Size
5.2MB
-
Sample
240727-lvtp7svelb
-
MD5
b2541a7747212b2e4e250d660fea4c30
-
SHA1
42acac0b299d6f1f13f79794fad8a0cddc498c4d
-
SHA256
cc33efbddfc4349d4e4ff6ba0bbfa8d07f24d074c1b0bc98743e19c0d590d023
-
SHA512
8d33812cb1f8a0ac7859608e7bcbeca2e0b341b3bba815a16f02e1739232abd28791ce6bd391786855f3fda8d6a78b1492f775e834b57560557fbd351cf2ea86
-
SSDEEP
49152:104mSepIRjnv+yR5l1mQw9IJtwDhTsfAPLnzZF3dkYUsDJNsc8jDj5ZkaGAC0w2x:1TepIRbvXvtQhTs49OsDJNsc8V
Static task
static1
Behavioral task
behavioral1
Sample
b2541a7747212b2e4e250d660fea4c30N.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b2541a7747212b2e4e250d660fea4c30N.dll
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
b2541a7747212b2e4e250d660fea4c30N.exe
-
Size
5.2MB
-
MD5
b2541a7747212b2e4e250d660fea4c30
-
SHA1
42acac0b299d6f1f13f79794fad8a0cddc498c4d
-
SHA256
cc33efbddfc4349d4e4ff6ba0bbfa8d07f24d074c1b0bc98743e19c0d590d023
-
SHA512
8d33812cb1f8a0ac7859608e7bcbeca2e0b341b3bba815a16f02e1739232abd28791ce6bd391786855f3fda8d6a78b1492f775e834b57560557fbd351cf2ea86
-
SSDEEP
49152:104mSepIRjnv+yR5l1mQw9IJtwDhTsfAPLnzZF3dkYUsDJNsc8jDj5ZkaGAC0w2x:1TepIRbvXvtQhTs49OsDJNsc8V
-
Detects Floxif payload
-
Blocklisted process makes network request
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-