General
Target: 2024-07-27_c8df3d6c5ea2bf3992051a79cf1fbf41_floxif_mafia
Size: 1.8MB
Sample: 240727-qmfwlavand
MD5: c8df3d6c5ea2bf3992051a79cf1fbf41
SHA1: 46747fe012c491c743a7ccf2ec3a3e622d268395
SHA256: 2952bfcfb5ee3b267b9f3fb874981d2bfcbc88fda371069d7f8ce36c8fe1fc72
SHA512: bfc32a969097e1c2807a2df61e49491e98e596c9ad289bc74d3face9a37393bb3dcd6440a77c6804aecbc4842d31905643274c3e7776774cfd0459bd832979da
SSDEEP: 49152:EJnJ1ivPNGPkR3EN6V2F/bqIdl/LmCvgPCle2LMkdlpviF9PWDvvI:I1ivPNGA3EY2F/bqIdl/LmCvgPexL3ve
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-27_c8df3d6c5ea2bf3992051a79cf1fbf41_floxif_mafia.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2024-07-27_c8df3d6c5ea2bf3992051a79cf1fbf41_floxif_mafia.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 2024-07-27_c8df3d6c5ea2bf3992051a79cf1fbf41_floxif_mafia
- Detects Floxif payload
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.