General
Target: Virus.Win32.Floxif.H-a177fa8b3b8ff8996000f67a6d20955fadc8eec8fa9ddf455894ff9b213cd591-NeikiAnalytics
Size: 5.0MB
Sample: 240915-rl8qnaxclb
MD5: 627af27c5f977992d00e6edaeb0c6a90
SHA1: 635aa5f91049d960c8ddf1e438f7868dd5ab952e
SHA256: a177fa8b3b8ff8996000f67a6d20955fadc8eec8fa9ddf455894ff9b213cd591
SHA512: b66fd324c2a986555f6fda43b0efb7c97f116b79be2d8468cf4ee0160d68bfec93c0f8e7fd8be82e053bbd11593902b7463579d5554e5261e4619cbaadddc0b6
SSDEEP: 98304:9BI8/pCVmdbx2rU/xFnTBU8UeNeagEXtIgvjyGFDdo85qyKYr5NM62dNKViClWPC:9hvx2rw5Th8XeNyGtW0DJr5uDdQdWPeR
Static task: static1
Behavioral task: behavioral1
Sample: Virus.Win32.Floxif.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: Virus.Win32.Floxif.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: Virus.Win32.Floxif.H-a177fa8b3b8ff8996000f67a6d20955fadc8eec8fa9ddf455894ff9b213cd591-NeikiAnalytics
Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.