General
-
Target
f2332406870d3dcaf54272654fa0e2848fd0669be77611c8539963c1585a90ab
-
Size
5.5MB
-
Sample
240723-e7ctwsycjl
-
MD5
3fb96e542684a5701c015af586e5f029
-
SHA1
dabfb827e7fbb71d3b6579812fb7b3fc823c27ef
-
SHA256
f2332406870d3dcaf54272654fa0e2848fd0669be77611c8539963c1585a90ab
-
SHA512
4c218621ff5ceba4b62e9000430842121d30638fe7eec29da6897b04f4f0403f266a1ad211b839e5346d450426273495f6eff2bb34916f1b1536771f12e505c7
-
SSDEEP
98304:nL3sebimvssymgWKBclaxuHPCyTCaZHYI/MH/Fzz/kkLtiNy1FlHOLg5VPbik2Pq:L8e/vssymg7B0a4HayTLZH9INzzc8A0R
Malware Config
Targets
-
-
Target
f2332406870d3dcaf54272654fa0e2848fd0669be77611c8539963c1585a90ab
-
Size
5.5MB
-
MD5
3fb96e542684a5701c015af586e5f029
-
SHA1
dabfb827e7fbb71d3b6579812fb7b3fc823c27ef
-
SHA256
f2332406870d3dcaf54272654fa0e2848fd0669be77611c8539963c1585a90ab
-
SHA512
4c218621ff5ceba4b62e9000430842121d30638fe7eec29da6897b04f4f0403f266a1ad211b839e5346d450426273495f6eff2bb34916f1b1536771f12e505c7
-
SSDEEP
98304:nL3sebimvssymgWKBclaxuHPCyTCaZHYI/MH/Fzz/kkLtiNy1FlHOLg5VPbik2Pq:L8e/vssymg7B0a4HayTLZH9INzzc8A0R
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-