General

  • Target: 99a9637b505462239de2e2c00593bdc0N.exe

  • Size: 108KB

  • Sample: 240817-kf8edawgkg

  • MD5: 99a9637b505462239de2e2c00593bdc0

  • SHA1: 5a9858bfaf277baca57eb389355bd52787778524

  • SHA256: 42cac0ea845e7a85249d5f9120926a2ecf6811014c4cdbdef020e4ab008b0bf3

  • SHA512: 15d466cd0c077178e3ea140c4487decca7caf383b21050cfc91b0965a2eea53ace6e625fef389b8df38f3997baed0ed990cd7d3de56b4fed31e8d61b6a43e4ce

  • SSDEEP: 1536:Qp2m9h3pQDGmxWRqWTN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQWWQo9kO:Q13pQDngX2lQBV+UdE+rECWp7hKJWemh

Targets

    • Target: 99a9637b505462239de2e2c00593bdc0N.exe

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Blocklisted process makes network request

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
