General
-
Target
2024-11-09_e864486a4e0b0b5fb122aa63a2794861_floxif_mafia
-
Size
2.5MB
-
Sample
241109-ptb1jstlfw
-
MD5
e864486a4e0b0b5fb122aa63a2794861
-
SHA1
ab4d5e396ac94d0a3f977cd8052fbe671b6bf404
-
SHA256
0bc1be74b45928a18acdd74dada4933ca488038a7f899c70fe2fcff4dcfa49de
-
SHA512
3387a4f7ccfa78643524bbdc39c541d3817700795b16f66ed57f48b063be0c8ab076d267d1dffceca51bf6fc57531fb64f1c4ebca87b5c91b115fefcfe2a5bd3
-
SSDEEP
49152:1uIIKEofs2hPd2l177BTK2VbDsar1YDjU7MZ:1jxfs2hPIl1/qZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-09_e864486a4e0b0b5fb122aa63a2794861_floxif_mafia.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2024-11-09_e864486a4e0b0b5fb122aa63a2794861_floxif_mafia
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-