General
-
Target
bce8713b3f10847cfc7118eaa18f855ab118dab63725d2c0ddfad449e6fd96e6
-
Size
4.2MB
-
Sample
241031-e273vayldv
-
MD5
eb88e6f8885317eec81bbdc0e0182337
-
SHA1
60c17948ec154ee6e0a7c2cbb0ea67a3897d93a9
-
SHA256
bce8713b3f10847cfc7118eaa18f855ab118dab63725d2c0ddfad449e6fd96e6
-
SHA512
db95bb7580600d19ad4dafc88388d256434df5f2d2d59d3737641cc13033a0a52f4b5e5e546d67253e713f408cb7267ade0393bc0144f5b2c595383ce700db14
-
SSDEEP
98304:Pnzz9jK7mk9nrpao6EzIzGePewXbw5Dz99d3ZVUh2WM:bz9UmwP6+YGePPLa99d3/UoWM
Behavioral task
behavioral1
Sample
bce8713b3f10847cfc7118eaa18f855ab118dab63725d2c0ddfad449e6fd96e6.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bce8713b3f10847cfc7118eaa18f855ab118dab63725d2c0ddfad449e6fd96e6.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
bce8713b3f10847cfc7118eaa18f855ab118dab63725d2c0ddfad449e6fd96e6
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-