General
Target: 2024-09-10_7161832bb856c1f9d0e02ffa1618f12f_floxif_hijackloader_icedid
Size: 2.1MB
Sample: 240910-c8wmaavcrc
MD5: 7161832bb856c1f9d0e02ffa1618f12f
SHA1: e31224daad163e30b338bfadf9d806dbd6c8d6d5
SHA256: 13e742a80e011cfacd555eddbaab5639c17a1bf66e6ea022ce41585df223527d
SHA512: 54573982d9ecc2d5723e82f92288cd7ad28f5fbdb68cfdba7ff88063bcb54119a68c23d35b74b0e06a4599ffd115ba8123315eb530782d56b96028245b11f2eb
SSDEEP: 49152:V8PsZNCH5OAxh5f1fWtfxaPZXbuo3j5XpI:uPsZu5OA4fxaPhbuo3j5XpI
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-09-10_7161832bb856c1f9d0e02ffa1618f12f_floxif_hijackloader_icedid.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 2024-09-10_7161832bb856c1f9d0e02ffa1618f12f_floxif_hijackloader_icedid.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 2024-09-10_7161832bb856c1f9d0e02ffa1618f12f_floxif_hijackloader_icedid
- Detects Floxif payload
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL