General
-
Target
2024-07-31_b5c1153546a2afd0fd3b25fe7295ec6c_floxif_mafia
-
Size
2.0MB
-
Sample
240731-bd766aybkr
-
MD5
b5c1153546a2afd0fd3b25fe7295ec6c
-
SHA1
9edb7e348716b646ec6947497bea1b20355f66cc
-
SHA256
4511d63114ee1789f1e488db7cd766aab0159e76147b41e5835e5743818b3e82
-
SHA512
b04da41cb83753a439890ff884086182336586b0bea170e1ccd3d21ef6c8b7bc28061510b81a20788ae6526e60f9b24c5a08325b0398deb7b6743b8369c0ff4b
-
SSDEEP
49152:y1LGMMeY6v+60SsTisQJvnTPxSl5IQ8kxRWPd7LPICqcesBg2PyLolrJomZz7L:y1LGMMeY6r0nibJvnTPxaIfkxRWPd7Lt
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-31_b5c1153546a2afd0fd3b25fe7295ec6c_floxif_mafia.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Target
2024-07-31_b5c1153546a2afd0fd3b25fe7295ec6c_floxif_mafia
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-