General
Target: 2024-09-26_5bca871a918ece8ab63b7b3fd6fc1dee_floxif_mafia
Size: 2.2MB
Sample: 240926-fffbdaybpl
MD5: 5bca871a918ece8ab63b7b3fd6fc1dee
SHA1: 3ce7f0e040ffe84509b200a929f58d5986b98f11
SHA256: 16bbaa4bdcfc46f69bd293c18189f5e9242e30017dfff5121f64ad805a648c73
SHA512: 43804339b3248375134a7cff2950bef191c5917a14f3c0dbe43cda5a8c014aa4ec2d55313e09855962146f674815eaf27e3205313ef10349927ccc2e3ae705fa
SSDEEP: 49152:pOsl51f/rTP67Z2UpnLWJY0tuzqxjJwhs+fGH7c81F6r6YsHQyum+aO:pn51f/r+7RpnLIYmuzqxjEfGHtF6r6Y1
Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-26_5bca871a918ece8ab63b7b3fd6fc1dee_floxif_mafia.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-26_5bca871a918ece8ab63b7b3fd6fc1dee_floxif_mafia.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-09-26_5bca871a918ece8ab63b7b3fd6fc1dee_floxif_mafia
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-