General
-
Target
3dd6b5dfb4483a5c11c0256eeef0cfa0N.exe
-
Size
3.1MB
-
Sample
240724-dcsfesthlp
-
MD5
3dd6b5dfb4483a5c11c0256eeef0cfa0
-
SHA1
fb4611e3b991adf50ee2b294ec984e8b072cf03d
-
SHA256
21a39ab8e453464eb90b9f4ffc3e0ee515d77a200c48e3212839ddbb3f8f63de
-
SHA512
f6bb5bb5380d1ef0b349193fe1ebc8c9fe475a281b835821cc21abf93702dbf885ff7ec9cdcccafc53abc9b82c2ed92890ead000ae6ed654fe5fb1241f7512f7
-
SSDEEP
49152:K4x8xuLggCiFCiwRUalScrizVW6xUbokbGzQU3ZaSnhoaOkrhyE94uqO:K4x8xuLrCMCi+blfizxxlk6ySnhJyEQO
Malware Config
Targets
-
-
Target
3dd6b5dfb4483a5c11c0256eeef0cfa0N.exe
-
Size
3.1MB
-
MD5
3dd6b5dfb4483a5c11c0256eeef0cfa0
-
SHA1
fb4611e3b991adf50ee2b294ec984e8b072cf03d
-
SHA256
21a39ab8e453464eb90b9f4ffc3e0ee515d77a200c48e3212839ddbb3f8f63de
-
SHA512
f6bb5bb5380d1ef0b349193fe1ebc8c9fe475a281b835821cc21abf93702dbf885ff7ec9cdcccafc53abc9b82c2ed92890ead000ae6ed654fe5fb1241f7512f7
-
SSDEEP
49152:K4x8xuLggCiFCiwRUalScrizVW6xUbokbGzQU3ZaSnhoaOkrhyE94uqO:K4x8xuLrCMCi+blfizxxlk6ySnhJyEQO
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-