General
-
Target
202409266ccad1e0cd3116fb8cb172dc2310397efloxifmafia
-
Size
4.0MB
-
Sample
240926-lg6gvazamq
-
MD5
6ccad1e0cd3116fb8cb172dc2310397e
-
SHA1
0484bfd25bd393f9e66442bdae94016961516e5f
-
SHA256
ade57c6bf20d57ba50c38f89d8e3400507b8b8d4919cc418e214c826632baae6
-
SHA512
ba0fcab777e67f9c5e0c0450b6a43359e700af0447b8a0b32324b63fc918c876095a573a2a14eda543ec3b5f83d3821c283470c1c82ec4f1eca47c4fe878dbd0
-
SSDEEP
98304:xYD83A/3uQtOIbcgEX6udnGbdwxzaLxC5WyPHTdaA9PMYFfoLcgD5OtQf:u5tOI6GKtzBoA9PMYFwdOtk
Static task
static1
Behavioral task
behavioral1
Sample
202409266ccad1e0cd3116fb8cb172dc2310397efloxifmafia.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-