General
Target: 2024-07-27_dddd546f76b7d79f05791f8e30a7739d_floxif_mafia
Size: 2.5MB
Sample: 240727-qm8lls1ekl
MD5: dddd546f76b7d79f05791f8e30a7739d
SHA1: c1bc9cd064242ab577152609797500ec6dd549fa
SHA256: aac0baef5f6b57ec29285eb41e9056b9d898c2acfdcdaa69cdb3aceee24859ba
SHA512: da6a1509df2e270d6fdf6fdfe50bd2daf9af9df526aba092b1f18f091eadaa34d82be216ac8a87402784acc0f097b8f7221a07df31a228cfc732715afa68ba04
SSDEEP: 49152:SuIIKTofs2hPd2l177BTK2VbDsar1YDjm:Sj6fs2hPIl1/V
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-27_dddd546f76b7d79f05791f8e30a7739d_floxif_mafia.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2024-07-27_dddd546f76b7d79f05791f8e30a7739d_floxif_mafia.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 2024-07-27_dddd546f76b7d79f05791f8e30a7739d_floxif_mafia
Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.