General
-
Target
c18db34a8ab42c043e2a4d1d82a0fc3a30cdc41d74fd8ff49b8dcd3c54e10cf6
-
Size
1.4MB
-
Sample
240811-cgfrratglc
-
MD5
53e66348f578d46ad0b2e6bbf0d416ec
-
SHA1
28fee1e7cf002c8096c1d7fe9dc1dd9d2d83887f
-
SHA256
c18db34a8ab42c043e2a4d1d82a0fc3a30cdc41d74fd8ff49b8dcd3c54e10cf6
-
SHA512
fa99eaa4613c786130246dc2ed2d31c34ad0cf10cc9243affaaf99dbbaafbe8ebc24ef5c04880ffae7b43110a9ee393f51754d44f4a97c815afe8dc306f5f957
-
SSDEEP
24576:5ecSNjIohfwK58W0c3k9A99JFWt8HhGokqxTiAQn9VOorEH7+:5pCp58W0c3kejJcORpiAMnH
Malware Config
Targets
-
-
Target
c18db34a8ab42c043e2a4d1d82a0fc3a30cdc41d74fd8ff49b8dcd3c54e10cf6
-
Size
1.4MB
-
MD5
53e66348f578d46ad0b2e6bbf0d416ec
-
SHA1
28fee1e7cf002c8096c1d7fe9dc1dd9d2d83887f
-
SHA256
c18db34a8ab42c043e2a4d1d82a0fc3a30cdc41d74fd8ff49b8dcd3c54e10cf6
-
SHA512
fa99eaa4613c786130246dc2ed2d31c34ad0cf10cc9243affaaf99dbbaafbe8ebc24ef5c04880ffae7b43110a9ee393f51754d44f4a97c815afe8dc306f5f957
-
SSDEEP
24576:5ecSNjIohfwK58W0c3k9A99JFWt8HhGokqxTiAQn9VOorEH7+:5pCp58W0c3kejJcORpiAMnH
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-