General
Target: 2024-07-27_4d6063f3a45bbd6362de701cb225a36a_floxif_mafia
Size: 2.5MB
Sample: 240727-pm2mmazblq
MD5: 4d6063f3a45bbd6362de701cb225a36a
SHA1: ac29a7a816f4c2a01e7679299f815f3b6f39bda1
SHA256: fdc4cb3d819e1ecc653beb63f9f8c82378d0ad9a7d8dfe14a5b7e2040e7e1ab8
SHA512: 4a7e9759c827fbd48316bc717b09ca12a29696aa824fd0adaa992a04785e43f4899809610c441aaf2084e8f7fdffa36a7859f21e8326adeed40cad3e1bf4c781
SSDEEP: 49152:tuIEKxofs2hPd2l177BTK2VbDsar1YDjL:tj8fs2hPIl1/k
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-27_4d6063f3a45bbd6362de701cb225a36a_floxif_mafia.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2024-07-27_4d6063f3a45bbd6362de701cb225a36a_floxif_mafia.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 2024-07-27_4d6063f3a45bbd6362de701cb225a36a_floxif_mafia
Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL