General
-
Target
0e5343d466d238ba40cb2f3c88d42dc36fd60863602e1641326ca5ee3bc6c56e
-
Size
377KB
-
Sample
240727-xkf7xatbrq
-
MD5
9c5aa5aa73ae697417bb17733913e66d
-
SHA1
38bbce22e9f7f3d36ac1a11f56f8d0335892614c
-
SHA256
0e5343d466d238ba40cb2f3c88d42dc36fd60863602e1641326ca5ee3bc6c56e
-
SHA512
53003abe421440f92f756389f508feba1af14953372da4a4fd066ec20d047943f427215348d1181464a0bb64aee73dff5d921d401f7294a91da6bd57ffb8c6d8
-
SSDEEP
3072:uglilKqmhpo0Sb9OpxRAWHiQj2Q9+7WHJnLXwULLRWX2lQBV+UdE+rECWp7hKlJ:+9oLRA8aQ9ISLWBV+UdvrEFp7hKlJ
Static task
static1
Behavioral task
behavioral1
Sample
0e5343d466d238ba40cb2f3c88d42dc36fd60863602e1641326ca5ee3bc6c56e.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0e5343d466d238ba40cb2f3c88d42dc36fd60863602e1641326ca5ee3bc6c56e.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
0e5343d466d238ba40cb2f3c88d42dc36fd60863602e1641326ca5ee3bc6c56e
-
Size
377KB
-
MD5
9c5aa5aa73ae697417bb17733913e66d
-
SHA1
38bbce22e9f7f3d36ac1a11f56f8d0335892614c
-
SHA256
0e5343d466d238ba40cb2f3c88d42dc36fd60863602e1641326ca5ee3bc6c56e
-
SHA512
53003abe421440f92f756389f508feba1af14953372da4a4fd066ec20d047943f427215348d1181464a0bb64aee73dff5d921d401f7294a91da6bd57ffb8c6d8
-
SSDEEP
3072:uglilKqmhpo0Sb9OpxRAWHiQj2Q9+7WHJnLXwULLRWX2lQBV+UdE+rECWp7hKlJ:+9oLRA8aQ9ISLWBV+UdvrEFp7hKlJ
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-