General
-
Target
2024-09-26_3b494f756432139d4300feb18000ca5b_bkransomware_floxif
-
Size
353KB
-
Sample
240926-fdzbga1eja
-
MD5
3b494f756432139d4300feb18000ca5b
-
SHA1
7197905ca3b7ff4d566151c9f5218bededb9e9f2
-
SHA256
3f30240bc911a94d863381065d41a9890f4c0edf72108aba7fc71bd00f503b3f
-
SHA512
171532c3a32c9f1cb787860e9bafc4b263017f4de9362beedf63bd41ad6e2d18742b8ea63dfe1071f44e4da091a3f2a248d75635b0a132d317b278aee2b61be5
-
SSDEEP
6144:kGnTIIIIRh9Tmu/EDbvufeQcM4BRz7kx/49Pmx2LAO0BV+UdvrEFp7hK4:zBEDbvumQT4r0x/x2EO0BjvrEH7T
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-26_3b494f756432139d4300feb18000ca5b_bkransomware_floxif.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-