General
Target: 2024-07-31_5e59c70b2bb16cb7555d8a4e8d71795d_bkransomware_floxif
Size: 2.1MB
Sample: 240731-a4ag5ssamd
MD5: 5e59c70b2bb16cb7555d8a4e8d71795d
SHA1: 673a6f1b440056dc047f9f37856a60d020769c0c
SHA256: 6762a11067689af4ce49138b9015562e0d528cca9b68968c09fb64d1b3ac5926
SHA512: ff1de740f8ee0a559089c92a07b18b1549ce7cd5ffaa86445954777126558eb2b0a02458a5e549046d0109738626436efe1016ce0cac4d29b444dc263ee8174a
SSDEEP: 49152:bf83LdZrq17O789aSymksotcnkLVdBbQ7Q4URkZhM1C:baLdo17O78op6otcnkfBbQ7Q4URM
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-31_5e59c70b2bb16cb7555d8a4e8d71795d_bkransomware_floxif.exe
Resource: win7-20240704-en
Malware Config
Targets
-
-
Target
2024-07-31_5e59c70b2bb16cb7555d8a4e8d71795d_bkransomware_floxif
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-