General
-
Target
2025-07-02_e004b546ceda9a97195a7d4559fb309d_elex_floxif_gcleaner_stop
-
Size
693KB
-
Sample
250702-xfqwjszvdw
-
MD5
e004b546ceda9a97195a7d4559fb309d
-
SHA1
9dfdd4d72adae42e8e0a1a5b49a48a89853f4ae9
-
SHA256
4aaeebcc27bd62cbe9664f3f5cc9b5a17d55765565b912635419ddbf7ad5f4cd
-
SHA512
7f3ae9ba1c14fa6a11dbae23b1acc516dbec8088587c05d293256acf7c713ad165c5e4ef502760008495ed65771dfb9d11dbcb153bfedc62f9ffa490ce4fa554
-
SSDEEP
12288:aMJoRRJVX/hS00PeMYPLCul+8dHqAQN3Zq70//WkUfj31iTrbzqmBjvrEH75g:Lm/VX/s0iezIVUfjoTrbz5rEH75g
Static task
static1
Behavioral task
behavioral1
Sample
2025-07-02_e004b546ceda9a97195a7d4559fb309d_elex_floxif_gcleaner_stop.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
2025-07-02_e004b546ceda9a97195a7d4559fb309d_elex_floxif_gcleaner_stop.exe
Resource
win11-20250619-en
Malware Config
Targets
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-