General
-
Target
2024-09-26_ab00c77aafb3daeb6f0e3e564f85374b_bkransomware_floxif
-
Size
2.0MB
-
Sample
240926-fmjx5ssajb
-
MD5
ab00c77aafb3daeb6f0e3e564f85374b
-
SHA1
dcfbc6af68646c314064eea42e4f17805ad7cc99
-
SHA256
6e5c03e1d8269955d7c0d011a2a8633b93f169c1503d608d83fa309aa711dd0b
-
SHA512
08a9b87cfb9560e5c878f7d90a7f5c89b8f242be36e9918511245c1872672afd2416f325c9b1223bf9f64b3d62be48ee80550cc46d840095184cacf9488ab544
-
SSDEEP
49152:0p5heR904r6t4gcyv4FBALR/vw38my1BNphaRKCmEMBw7u:0pSRq4r6KgL4FBAF/3XNp4KCmE+
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-26_ab00c77aafb3daeb6f0e3e564f85374b_bkransomware_floxif.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-