General

Target: 2024-09-26_b3c7c079425544173acdaee2f10c1abf_avoslocker_cobalt-strike_floxif
Size: 464KB
Sample: 240926-fnbyxsyfmp
MD5: b3c7c079425544173acdaee2f10c1abf
SHA1: ea5dc4f81792c9a9e80cf55d3786a612c2826304
SHA256: c7675a6623459e9972d35850288d01569ae57e3b05be6222f3fe41f0670d64cf
SHA512: 083c8662ce44405131e99c0448f5ca3313ebf4b52af2d57e79943fdc17b188508b104629d8408918f7f30c9cf89bf0dfaf71f7e49e55b9e2a3f573b86de780ec
SSDEEP: 12288:5K3wL98X1JBxkSYnVWqqPIBONhxs7rleBjvrEH7M:50wxE5j/xs7RYrEH7M

Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-26_b3c7c079425544173acdaee2f10c1abf_avoslocker_cobalt-strike_floxif.exe
Resource: win7-20240704-en

Malware Config
Targets

Target: 2024-09-26_b3c7c079425544173acdaee2f10c1abf_avoslocker_cobalt-strike_floxif

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.