General
-
Target
2024-08-16_bed82ac6be5915a59ae6c46c8d1bc3e1_floxif_mafia
-
Size
3.4MB
-
Sample
240816-ptc8lsvdja
-
MD5
bed82ac6be5915a59ae6c46c8d1bc3e1
-
SHA1
2711df6cd5aea0788866ade47a2ec5f04eab2e95
-
SHA256
b14ebf9950bb465852eb466a04b57f7473483d8d66ab26b6b6cf56d2f0fefb1d
-
SHA512
45ee2db7505c8f3568ae0bac4733fa1e15b3e26107c3dcd0692991cba72a8780b5167584a8e4912b9de06af66e8590ac105cb83257c00b45711e0b1ac7b2be52
-
SSDEEP
98304:vQIQ7n4g8zR5ZRER+7b6MYkjMaGs7qKnX341lfc4x:II9g8jTsZDs7qKn4vXx
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-16_bed82ac6be5915a59ae6c46c8d1bc3e1_floxif_mafia.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2024-08-16_bed82ac6be5915a59ae6c46c8d1bc3e1_floxif_mafia.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-08-16_bed82ac6be5915a59ae6c46c8d1bc3e1_floxif_mafia
-
Size
3.4MB
-
MD5
bed82ac6be5915a59ae6c46c8d1bc3e1
-
SHA1
2711df6cd5aea0788866ade47a2ec5f04eab2e95
-
SHA256
b14ebf9950bb465852eb466a04b57f7473483d8d66ab26b6b6cf56d2f0fefb1d
-
SHA512
45ee2db7505c8f3568ae0bac4733fa1e15b3e26107c3dcd0692991cba72a8780b5167584a8e4912b9de06af66e8590ac105cb83257c00b45711e0b1ac7b2be52
-
SSDEEP
98304:vQIQ7n4g8zR5ZRER+7b6MYkjMaGs7qKnX341lfc4x:II9g8jTsZDs7qKn4vXx
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-