General
-
Target
05194f469cdf01bcac9fc8d05306cba0N.exe
-
Size
138KB
-
Sample
240801-1bmvwa1crg
-
MD5
05194f469cdf01bcac9fc8d05306cba0
-
SHA1
e8b698c03e529c4054bf37e99815faf01dd50883
-
SHA256
414b8987e4e6711167138ac82b6de04ef5b3d6f3d4770183a5ffdd7df0688dd9
-
SHA512
7034dbb3b5fd47009d11fe7081ea837d3650d8040dcb69c465bb28d707991882bcff225a475d5e0d77f5ce35602a27f6ec86a87f05139120d2d74f69ebcd81da
-
SSDEEP
3072:k3plBITsQvVqRlkM4OAD/KLznBuB2JA2Bjcl3:k3lesQvMRlkM4RD/qzMfU4l3
Malware Config
Targets
-
-
Target
05194f469cdf01bcac9fc8d05306cba0N.exe
-
Size
138KB
-
MD5
05194f469cdf01bcac9fc8d05306cba0
-
SHA1
e8b698c03e529c4054bf37e99815faf01dd50883
-
SHA256
414b8987e4e6711167138ac82b6de04ef5b3d6f3d4770183a5ffdd7df0688dd9
-
SHA512
7034dbb3b5fd47009d11fe7081ea837d3650d8040dcb69c465bb28d707991882bcff225a475d5e0d77f5ce35602a27f6ec86a87f05139120d2d74f69ebcd81da
-
SSDEEP
3072:k3plBITsQvVqRlkM4OAD/KLznBuB2JA2Bjcl3:k3lesQvMRlkM4RD/qzMfU4l3
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Network Service Discovery
Attempt to gather information on host's network.
-