General
-
Target
81fa479f4b04b283a716ab2e62de0a3f07a3776076723a3025552dd76e6b7497
-
Size
730KB
-
Sample
240710-a5daesxgnc
-
MD5
48cf1f26f078c9c9712bb440f3442d72
-
SHA1
af1dc18bbe55a8c1ed212c78c574d468b8ab1269
-
SHA256
81fa479f4b04b283a716ab2e62de0a3f07a3776076723a3025552dd76e6b7497
-
SHA512
3a4da8415929e02d72b910d24a9fcd9ceb0c157c25140c4606c19d281d825667ee157d31b71dda2caeb449555edab8211481515f37c38f700680205c1b362035
-
SSDEEP
12288:BlQ9IP2EyZz77XC1eVr1ltWlfnTfExyRM3XTjsXZ6M6CgvHnRgF8+3ZxBjvrEH7l:BlQiPI7LCeV5Lq7f4ym3XfyZ6M6z5gS/
Malware Config
Targets
-
-
Target
81fa479f4b04b283a716ab2e62de0a3f07a3776076723a3025552dd76e6b7497
-
Size
730KB
-
MD5
48cf1f26f078c9c9712bb440f3442d72
-
SHA1
af1dc18bbe55a8c1ed212c78c574d468b8ab1269
-
SHA256
81fa479f4b04b283a716ab2e62de0a3f07a3776076723a3025552dd76e6b7497
-
SHA512
3a4da8415929e02d72b910d24a9fcd9ceb0c157c25140c4606c19d281d825667ee157d31b71dda2caeb449555edab8211481515f37c38f700680205c1b362035
-
SSDEEP
12288:BlQ9IP2EyZz77XC1eVr1ltWlfnTfExyRM3XTjsXZ6M6CgvHnRgF8+3ZxBjvrEH7l:BlQiPI7LCeV5Lq7f4ym3XfyZ6M6z5gS/
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-