General
-
Target
2024-07-30_5a5bcd5f903c960aee89f6b6284472ff_floxif_mafia
-
Size
1.7MB
-
Sample
240730-awtaaayenm
-
MD5
5a5bcd5f903c960aee89f6b6284472ff
-
SHA1
f790ae1839d0f9684046cbcffdc4431cc15cacf6
-
SHA256
c6f8d19f9f5e9a3e5ba9bb9ce37b0ffdb56b4f6aa0177dd18b2b7fffd3793acb
-
SHA512
79a636916dd46a39b77836842846358927b452a2a2e88f3db8b80573de8b26db4af6fb590551f320cc42ca9bdf8a3edb1a3d8f227a1aa9c30ace8441d2daf8bd
-
SSDEEP
49152:WlfGRvrbYu/NCW3xEjbw5hmt+oVBPQ7bbLiGJn3WgcliylPPej1qk:3RvrbY+CW3Ibw5hK+oVBPQ7vLPwlliyG
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-30_5a5bcd5f903c960aee89f6b6284472ff_floxif_mafia.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-07-30_5a5bcd5f903c960aee89f6b6284472ff_floxif_mafia.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
2024-07-30_5a5bcd5f903c960aee89f6b6284472ff_floxif_mafia
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-