General

  • Target

    2024-07-30_3f9ccdcb6dca3fc5db8fb4f19c54ac15_bkransomware_floxif_hijackloader

  • Size

    2.0MB

  • Sample

    240730-ase89aydjr

  • MD5

    3f9ccdcb6dca3fc5db8fb4f19c54ac15

  • SHA1

    4b4320d1ddc2eb58758636577e13daaf3ed47f8d

  • SHA256

    0cfc80dd5a030013cb0e46e8cf1ca1bb031af1a310ba12c834c38965b9e26d2e

  • SHA512

    6be337f929485f9b2a1abd19f44ba0113f15098c4a237faa3fa938ed347c6470e935feb9675ebcf9e0bb1681431ddbb08df87fb3742297b7c1365617b31c6a36

  • SSDEEP

    49152:Dk0eo5nJIioHlq+c6gXR92IISNbecXxHDoU83M7sSZOZVVNa6ZH:Dk25nHoHlq+c6y92IBRecXxHUU83M7sP

Malware Config

Targets

    • Target

      2024-07-30_3f9ccdcb6dca3fc5db8fb4f19c54ac15_bkransomware_floxif_hijackloader

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks