General
Target: 35f08cd2e5b4ca5eec1379cbe721ef3ae22273a376be4c07e1ebbc06de17433d
Size: 133KB
Sample: 240914-yxh3pstcmn
MD5: 69fc4629b2b55b4d474edc32e42d016f
SHA1: e850898c71ad8fd8a28a621afdb36379d0b3a0ad
SHA256: 35f08cd2e5b4ca5eec1379cbe721ef3ae22273a376be4c07e1ebbc06de17433d
SHA512: 31d63dbbcc215fecf9c7f4b4ef1e1e81631cb54fc503b4529911fcc6ea624358e0dea07663d53c9a62d1511cc693d523b1ea0541e0bbb118407ea25500febf4c
SSDEEP: 3072:Rgsb3/Fx2+52lQBV+UdE+rECWp7hKfFsCJ:ysLZBV+UdvrEFp7hKKCJ
Static task: static1
Behavioral task: behavioral1
Sample: 35f08cd2e5b4ca5eec1379cbe721ef3ae22273a376be4c07e1ebbc06de17433d.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 35f08cd2e5b4ca5eec1379cbe721ef3ae22273a376be4c07e1ebbc06de17433d.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-