General
Target: 2024-09-13_0ad1c22d3ec2e00abb9bf96e17d907fd_floxif_mafia
Size: 1.8MB
Sample: 240913-ppldes1bnp
MD5: 0ad1c22d3ec2e00abb9bf96e17d907fd
SHA1: 65058d110371d76c363fc36adc50c94a93a7215b
SHA256: 7d690b08c9819cb6fb066b9c1327623e800908cdb135dd9f728e7cc8064e9521
SHA512: 01ea603d764533613450b04b07753da0df2489ee6158fc6664eec324135cce0c8947c922637175f4ff385066e60e3640de9fdde178d883055eebb966d36dcf9b
SSDEEP: 49152:/iv3hFN5jS9XvPYs8Znfb9Klx50BbI1Hv0AkOXE67fhfdJ98IE:+3h5jSFPYswnD9Klx50FINxn06ThfdJ6
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-09-13_0ad1c22d3ec2e00abb9bf96e17d907fd_floxif_mafia.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024-09-13_0ad1c22d3ec2e00abb9bf96e17d907fd_floxif_mafia.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 2024-09-13_0ad1c22d3ec2e00abb9bf96e17d907fd_floxif_mafia
Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL