General
- Target: setup.exe
- Size: 525KB
- Sample: 240917-a14ltayand
- MD5: 5aa5797d40567350ee3bbc417ed9cf0b
- SHA1: b7e5323a938b2f11b203e1cec274d9e0b9c41712
- SHA256: ec648643e91d914351ee61e3784d38d6011ab2c7bf8ed00869ec45f1a7dd1df3
- SHA512: 9af5ea2e56eff8792327a744e48ee0e74320a7054743dc5ca7bf0df99707858e65492b343b1f53037ee57d3e5e053a7b998d6de896d2d422dcd97e8391b068d9
- SSDEEP: 12288:V7ImWvFC+nhmuF3Y0sc0eDuUlXkCajKeBjvrEH7u7:V7yg+F3YlViKrEH7u7
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
setup.exe
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-