General
-
Target
2025-05-29_02d4577487d3d3e6651400747322e4a4_black-basta_elex_floxif_luca-stealer
-
Size
268KB
-
Sample
250529-qplvmafk41
-
MD5
02d4577487d3d3e6651400747322e4a4
-
SHA1
3a5893d0ddd390b298121f4a1e5e222dd8095c40
-
SHA256
f8c6ee973adb67ec20e375077b1cecb4d38732d972d40241ba75b4f834825bdb
-
SHA512
414073cb303634ccd09db6061450202cb98566f447f97825113d48b1b29f145c0967d87a65b76e899e01e033ca23325c786c536b1a9ab5efcdbed647ad3d6076
-
SSDEEP
3072:OA/cdv7411xlZ9NCLi7+T6e0Q2vKH2wlz2lQBV+UdE+rECWp7hK7Q:O44T4Vf9i2wl3BV+UdvrEFp7hKs
Static task
static1
Behavioral task
behavioral1
Sample
2025-05-29_02d4577487d3d3e6651400747322e4a4_black-basta_elex_floxif_luca-stealer.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
Floxif family
-
Detects Floxif payload
-
Renames multiple (190) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Downloads MZ/PE file
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-