General
-
Target
2024-12-10_351d8db338473531775513e16c10d247_bkransomware_floxif
-
Size
209KB
-
Sample
241210-h8s42stlgq
-
MD5
351d8db338473531775513e16c10d247
-
SHA1
42bbcae1e2a55a2fc6a37f62924f24772f8b26ec
-
SHA256
ce2614feb6ae129ddc2fdb22cc0b4c7980c1015dc4fdc0d4e6d91ea8d2b4ed1e
-
SHA512
a318ed3bfa5dda229ee7827b43dde2afcdbc81c7909504964ae084adbf12691ead903d9df528b6b42cfe41d96bbcc4f471e4dd78d50401b9dc55f520c77842ac
-
SSDEEP
3072:Bax4PbI+GptMz4P9e78LMTeI2lQBV+UdE+rECWp7hKDLGZ:BaaC/p8QYBV+UdvrEFp7hKGZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-10_351d8db338473531775513e16c10d247_bkransomware_floxif.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-