General
-
Target
2024-09-09_5ef05a2caec82053c1fb8d9022ec9bc2_floxif_mafia
-
Size
2.0MB
-
Sample
240909-blsfnsxbpg
-
MD5
5ef05a2caec82053c1fb8d9022ec9bc2
-
SHA1
180625dd305b68cbc890a4827b3730d74580d68e
-
SHA256
7e0f7267bbbc755c311798714ea4ab5ce57c878a00abc444156809d1c2ac7017
-
SHA512
2cdf247c178b5ff1a2eda8d713ea558bb0d02f80bee5846a7cd5af0269ef94ab0edeb78de9a4ad04c926c0e9edb5437e9aaa216a2c6800b5d2489f9f58dd86fc
-
SSDEEP
49152:y1LGMMeY6v+60SsTisQJvnTPxSl5IQ8kxRWPd7iPICeesdg2PyLolrJomZz73:y1LGMMeY6r0nibJvnTPxaIfkxRWPd7io
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-09_5ef05a2caec82053c1fb8d9022ec9bc2_floxif_mafia.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-