General
-
Target
2024-07-03_7339e9786dd4fda4f66223501718205e_floxif_icedid_poet-rat
-
Size
28.4MB
-
Sample
240703-x6lphsthpr
-
MD5
7339e9786dd4fda4f66223501718205e
-
SHA1
3c730307ed0539bacef3eda3df24aff5a344cfc0
-
SHA256
aba2d7ec3b124fa475258bf1c681a5a54b082a6185811203e02233f453c26334
-
SHA512
362301cdd929c65c63e2f9593b72b0ed7ae92d3b72d6444c2fcb4c049459d4a66c84b3a7ef15ebc26a2db878f7b80aec595fa0ac56a9a2268d5c6a6ba9aaf837
-
SSDEEP
393216:te7K+Lukn/s1KFdu92n5o54Sm/YKBSYkT1fD9Fq7uG7WguoQbQBOQsbgq7ag:UKmppNSejkY0L9FfbgdBONgq7B
Malware Config
Targets
-
-
Target
2024-07-03_7339e9786dd4fda4f66223501718205e_floxif_icedid_poet-rat
-
Size
28.4MB
-
MD5
7339e9786dd4fda4f66223501718205e
-
SHA1
3c730307ed0539bacef3eda3df24aff5a344cfc0
-
SHA256
aba2d7ec3b124fa475258bf1c681a5a54b082a6185811203e02233f453c26334
-
SHA512
362301cdd929c65c63e2f9593b72b0ed7ae92d3b72d6444c2fcb4c049459d4a66c84b3a7ef15ebc26a2db878f7b80aec595fa0ac56a9a2268d5c6a6ba9aaf837
-
SSDEEP
393216:te7K+Lukn/s1KFdu92n5o54Sm/YKBSYkT1fD9Fq7uG7WguoQbQBOQsbgq7ag:UKmppNSejkY0L9FfbgdBONgq7B
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-