General
- Target: 2025-01-31_63c72fab34d53a9f028a7c20a978ae4a_floxif_frostygoop_snatch
- Size: 3.6MB
- Sample: 250131-w5zdjswjfp
- MD5: 63c72fab34d53a9f028a7c20a978ae4a
- SHA1: d66fe00ff6d88744ac6cb8e88402e8c9657128fe
- SHA256: 69602320b8178e3347387560d1ef65f60b9000fc0257504eb942560bcb2a5a84
- SHA512: e0738b0fb3faa2623f139434e26dabcb51a3a92abcc79b73f61b0a8b979f164e0b2e6641f80f658481b5c4ad428b1460fb3f57b09a53f085abae46f153e60611
- SSDEEP: 49152:VRs2G1IKjvQtRWme4s5LVc/fp18n5Igsxjq2iOIr+3r4ArUZQQ:zs2F4yEme4fOTwq2iOLkQmZ
Static task: static1
Behavioral task: behavioral1
- Sample: 2025-01-31_63c72fab34d53a9f028a7c20a978ae4a_floxif_frostygoop_snatch.exe
- Resource: win7-20241023-en
Behavioral task: behavioral2
- Sample: 2025-01-31_63c72fab34d53a9f028a7c20a978ae4a_floxif_frostygoop_snatch.exe
- Resource: win10v2004-20250129-en
Malware Config
Targets
- Floxif family
- Detects Floxif payload
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.