General
Target: 2024-09-13_9e56bc48d3490b44f7c5c73ed69ba61b_bkransomware_floxif
Size: 2.3MB
Sample: 240913-qgpasasbnm
MD5: 9e56bc48d3490b44f7c5c73ed69ba61b
SHA1: 4834a8d035c492da30a1a8d82c5ae69e9a2b61f6
SHA256: f224a0fb944aebcbb4fed30ea9ea04cf173a9a148db8801e2c4841053b3e1b16
SHA512: 3601019dc8019177a346eb1386aade70b42af324cd023c6479a10e1ede4b2a6004d7e63aac6ef44f21a5de872b61f4c5e59f8342406c68d5b50bdca5e2499cca
SSDEEP: 49152:1g4/fb0T3hlfNIPJy1m3a2bhwM1rP2q0qzlB48zIaySwzKXFr7fJv5r:bfEh9NIhy1BEwM5uq0qzlB4kIaySOKXt
Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-13_9e56bc48d3490b44f7c5c73ed69ba61b_bkransomware_floxif.exe
Resource: win7-20240903-en
Malware Config
Targets
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-