General

  • Target

    f89bc19c3115ea792cd33694aa4d00581780c3c481986d1ae5d1a596fb28632a

  • Size

    440KB

  • Sample

    240730-hmygmszald

  • MD5

    50fc1089d94c1f38faf40bff36de2055

  • SHA1

    17e61f02e9add84724f0b0d77fce252bfa9a39fc

  • SHA256

    f89bc19c3115ea792cd33694aa4d00581780c3c481986d1ae5d1a596fb28632a

  • SHA512

    ac3f18f7586d877c8d130ea00a5c5c0c10ad7982b787207b4b28a82df1efe9a9f7a20843397c329c0b304b3ef1a4fe9c86895eb9e0905da502c0c62943c3bf2e

  • SSDEEP

    12288:2/J+CtaxnjZpAbxdxDcWcnR4bfXfwiSeiw8xHgbYpjg8NO5LeWfF02/S0lqJqcZU:+el3+5ffeUYqcZQCGm4YprEH7np

Malware Config

Targets

    • Target

      f89bc19c3115ea792cd33694aa4d00581780c3c481986d1ae5d1a596fb28632a

    • Size

      440KB

    • MD5

      50fc1089d94c1f38faf40bff36de2055

    • SHA1

      17e61f02e9add84724f0b0d77fce252bfa9a39fc

    • SHA256

      f89bc19c3115ea792cd33694aa4d00581780c3c481986d1ae5d1a596fb28632a

    • SHA512

      ac3f18f7586d877c8d130ea00a5c5c0c10ad7982b787207b4b28a82df1efe9a9f7a20843397c329c0b304b3ef1a4fe9c86895eb9e0905da502c0c62943c3bf2e

    • SSDEEP

      12288:2/J+CtaxnjZpAbxdxDcWcnR4bfXfwiSeiw8xHgbYpjg8NO5LeWfF02/S0lqJqcZU:+el3+5ffeUYqcZQCGm4YprEH7np

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks