General

  • Target

    635d0614db9ae5a998a14c9688eb2740N.exe

  • Size

    277KB

  • Sample

    240816-ka1scavbla

  • MD5

    635d0614db9ae5a998a14c9688eb2740

  • SHA1

    aa5f35204aa1f288abb2599d919b9fc49fc9bc36

  • SHA256

    281b51acce69bb33dd5435c104e311ef38f5693e3e74d80acf9b84cc1d8e45ca

  • SHA512

    82068387f927dbaaa2873b867919ba87732ba83b801241f8189c07c44f0714375264cb651d7d2fff9e1812a458ef01bd929af14d212edebcac76f57fcf91bc91

  • SSDEEP

    6144:AAPl/DD3TC3dM7B+mCGBV+UdvrEFp7hKTGh:AAPlbD3y6B+mCGBjvrEH78Gh

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
