General
-
Target
2024-07-29_83fd2ac8f184b6707cca6fe6e16d76e5_floxif_mafia
-
Size
5.0MB
-
Sample
240729-y58ckaydnj
-
MD5
83fd2ac8f184b6707cca6fe6e16d76e5
-
SHA1
f584a2caa4bde9a9fbd8c2cae3c723ad4654b757
-
SHA256
4881ab9e2e1725e6434fa2a47fa4e9856e2a3dded5c29a9ccaf0f5a69a0fa51e
-
SHA512
fb928ed3166f9c7f28937fe2636e65cdee6a2256f685f74e7ef40cad673974aa8ca2dff08975b78449475c372d50ef4426f3383a43b8520b330c71d7f47a0e6a
-
SSDEEP
98304:z3Ui6Ac9n1oTiFathhqRUpTYpsQcWa4J7OSqrGwu01GPiNgh1OiwqtKg8lLqzS4X:z3Ui61kjpzQc4J7OXGwu01GPiNgh1OiV
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-29_83fd2ac8f184b6707cca6fe6e16d76e5_floxif_mafia.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2024-07-29_83fd2ac8f184b6707cca6fe6e16d76e5_floxif_mafia.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
2024-07-29_83fd2ac8f184b6707cca6fe6e16d76e5_floxif_mafia
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-