General
Target: 2024-12-31_05ab05ce5ada07295aacfb732321c43e_floxif_mafia
Size: 1.9MB
Sample: 241231-pkfx5szmht
MD5: 05ab05ce5ada07295aacfb732321c43e
SHA1: de90105de53a094cf1e43749d96a73333e533117
SHA256: 4dffe51dc88168be46efc27ed54482d6b064fe7397fbdf50e5657176d0b9afbf
SHA512: 8efaca0f9abe0fc43baa953a8b7f3d8febe0b84cd2da8f6eeb520a50a3927a79ea40f9dc2a7912738ce8442693e8303244fac8b1df9e149957333dc64a83b164
SSDEEP: 49152:OeLjveDKVx+KJtOw8RG48p85P/cs7dGyayEFD5fLD9RJ4KvJFBVAX69FPfr:rLeKOKTOw898O5ncs7dGyayE3LD9HvJ/
Static task: static1
Behavioral task: behavioral1
Sample: 2024-12-31_05ab05ce5ada07295aacfb732321c43e_floxif_mafia.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: 2024-12-31_05ab05ce5ada07295aacfb732321c43e_floxif_mafia.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2024-12-31_05ab05ce5ada07295aacfb732321c43e_floxif_mafia
Floxif family

Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL