General
-
Target
2024-09-15_2406ce0248c8d043678e6eefd3e15411_bkransomware_floxif
-
Size
2.1MB
-
Sample
240915-dyy54atcqp
-
MD5
2406ce0248c8d043678e6eefd3e15411
-
SHA1
e4acc55d1d59c1c592e3369e83c581c1aa223d03
-
SHA256
87badf19b9064c2dab2f90162d0ee396258d4e5e609e69297de8d830727864bc
-
SHA512
41d4db48f91a963c2a61824486d9bc13b57c2c7c49b2271164865b0982fdc0c8eb2358e6c0cbf562984ee5f11657f94b22125031ca5a77ff1039897cc3d7919e
-
SSDEEP
49152:bf83LdZrq17V789a5xymksotcnkLVdBpQ7Q4URkZhM1w:baLdo17V78o5Q6otcnkfBpQ7Q4URy
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-15_2406ce0248c8d043678e6eefd3e15411_bkransomware_floxif.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2024-09-15_2406ce0248c8d043678e6eefd3e15411_bkransomware_floxif
-
Size
2.1MB
-
MD5
2406ce0248c8d043678e6eefd3e15411
-
SHA1
e4acc55d1d59c1c592e3369e83c581c1aa223d03
-
SHA256
87badf19b9064c2dab2f90162d0ee396258d4e5e609e69297de8d830727864bc
-
SHA512
41d4db48f91a963c2a61824486d9bc13b57c2c7c49b2271164865b0982fdc0c8eb2358e6c0cbf562984ee5f11657f94b22125031ca5a77ff1039897cc3d7919e
-
SSDEEP
49152:bf83LdZrq17V789a5xymksotcnkLVdBpQ7Q4URkZhM1w:baLdo17V78o5Q6otcnkfBpQ7Q4URy
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-