General
-
Target
2024-11-10_5b69a630856c50446797ed0e178d5bae_floxif_frostygoop_snatch
-
Size
3.6MB
-
Sample
241110-w4xhkasfpb
-
MD5
5b69a630856c50446797ed0e178d5bae
-
SHA1
3bd0688a097ebdb108bb795f1de6024bc441b4a8
-
SHA256
aff32e7c029544036392e353a970353f40f252594dc3d8d44e10a9eec2c93e85
-
SHA512
47c11dc6421eba55eac7acc357dd4b1979c66c9d8805fbac6735ca27596e17a685a582abe32e86272168dc7aaae088d7fd3fdbb1dc80622da1c30ae89f9be2e8
-
SSDEEP
49152:VRs2m1IKavQtRWme4s5LVc/fp18n5Igsxjq2iOIr+3r4ArUZVT:zs2ldyEme4fOTwq2iOLkQmJ
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-10_5b69a630856c50446797ed0e178d5bae_floxif_frostygoop_snatch.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
2024-11-10_5b69a630856c50446797ed0e178d5bae_floxif_frostygoop_snatch.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-