General
-
Target
2024-09-13_d11ccbdffbe5aded2380993d29943e15_bkransomware_floxif
-
Size
1.9MB
-
Sample
240913-q2jk2asgjn
-
MD5
d11ccbdffbe5aded2380993d29943e15
-
SHA1
c3cb8ebf9f179a7d2d242d26c4bf275c7a9ab5f0
-
SHA256
1b6384b83e1f5cec24d90519ea2458267a6bb719d0a1b90223290d405b7da327
-
SHA512
1c0eea4637bb8db8550631f858c29f402f1bbc171837e30695d56955f6246ece0fbd43b1c80dc1680a57d3aef5b82468ef0f1175087ed4d31e7fb9c9b8b3970b
-
SSDEEP
49152:USn5w1wAEkk4HhsTGhbcbfrp8RjD0MKrjUjsT4/rVCAgwqLVJBD:Uu5w1wAEk5HhNbcTrORaXUjsT4/rVCdZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-13_d11ccbdffbe5aded2380993d29943e15_bkransomware_floxif.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-09-13_d11ccbdffbe5aded2380993d29943e15_bkransomware_floxif.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-09-13_d11ccbdffbe5aded2380993d29943e15_bkransomware_floxif
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-