General
- Target: 8fabf1496131721eb752a65e10c6d42ffd0ba312a33939f6fb9cc5f51437ad59
- Size: 3.1MB
- Sample: 240909-aqzvwavglh
- MD5: 8d80ccc0423d146b2849440316101bc9
- SHA1: 62bbfdd9538804448924d2b4653b4367a57a7531
- SHA256: 8fabf1496131721eb752a65e10c6d42ffd0ba312a33939f6fb9cc5f51437ad59
- SHA512: b83cefbc12e42c6fece5d6188ac84e463efc3a3ea02e99075b4374b78443ee32b87149120ac83bcf3431de4601ef3c6617ac0524848470f887114781c5c53a14
- SSDEEP: 24576:mk9gl2puV9TuV9TuV9TuV9TuV9TuV9TuV9TuV9OCMpCMpCMpCMpCMpCMpCMpCMBK:m7tkkkkkkkMnpnpnpnpnpnpnpnBK
Static task: static1
Behavioral task: behavioral1
- Sample: 8fabf1496131721eb752a65e10c6d42ffd0ba312a33939f6fb9cc5f51437ad59.dll
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 8fabf1496131721eb752a65e10c6d42ffd0ba312a33939f6fb9cc5f51437ad59.dll
- Resource: win10v2004-20240802-en
Malware Config
Targets
- Target: 8fabf1496131721eb752a65e10c6d42ffd0ba312a33939f6fb9cc5f51437ad59
- Detects Floxif payload
- Blocklisted process makes network request
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.