General
- Target: 2024-07-30_4941c62c169993f387700ab3f8593adc_bkransomware_floxif_hijackloader
- Size: 2.0MB
- Sample: 240730-avarjsydrj
- MD5: 4941c62c169993f387700ab3f8593adc
- SHA1: a95370f4c3d5c891b41537343d16c3a9e2c5b216
- SHA256: de4635305230f1c97805762a414718eb7b892b544decc36e88597e6129f230be
- SHA512: 508ecb3b90c7c7f9a3934dd6ab29ed02f731c2c7cdf3c2975f3bbe7878356a68f268a1feb04d4d6491dacbe7bd59b6a36679ac016a0148b9607fe753a34f415f
- SSDEEP: 49152:Dk0eo5nJIioH/q+c6gXR92IISNbecXxHDoSf3M7sSZOZVVNa6Z6:Dk25nHoH/q+c6y92IBRecXxHUSf3M7sC
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-30_4941c62c169993f387700ab3f8593adc_bkransomware_floxif_hijackloader.exe
Resource: win7-20240729-en
Malware Config
Targets
- Detects Floxif payload
- ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.