General
Target: 2024-07-27_c23d5269f1c6ac7ddf1e07bb6cca044c_floxif_mafia
Size: 1.8MB
Sample: 240727-ps96yszdkl
MD5: c23d5269f1c6ac7ddf1e07bb6cca044c
SHA1: 24d01b3707e573e47c6deaf0ddaa70ec60bb21aa
SHA256: 5660f411b8b36c4c23ef21d5aa1840d819a2ff0369e5b26da8d2f58711c1a38f
SHA512: e78f8b157832aeef14f15737a3b2f6f61ef146bd8509553f3f798453a26815b126bfb93d88074a4a24a8f1bd87d330963a26d45a6fef15b27fac170960840a4d
SSDEEP: 49152:EJnJ1ivPNGPklQON6V2F/bqIdl/LmCvgPCle2LMkdBpviF9PWDvv2+:I1ivPNG0QOY2F/bqIdl/LmCvgPexLzvZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-27_c23d5269f1c6ac7ddf1e07bb6cca044c_floxif_mafia.exe
Resource
win7-20240704-en
Malware Config
Targets
Target
2024-07-27_c23d5269f1c6ac7ddf1e07bb6cca044c_floxif_mafia
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.