General

  • Target

    a0a29d76b6b23135a6426d097f66a2f0N.exe

  • Size

    1.8MB

  • Sample

    240817-mp52qa1ejd

  • MD5

    a0a29d76b6b23135a6426d097f66a2f0

  • SHA1

    116f5b5645c88fdb198d4c5448a601d0575e7cf3

  • SHA256

    a387d62d510c6261f28de4ea0663ffce12ea59132f01b2938c7de4e92f2304f2

  • SHA512

    11c338c4e06dbaced3b4aaa0483bcf5c458a87001beb778bc430cb5627976ece3945dfc343421e0d5c54976330f695e8c1a1f1c681c867c2badca7bcc8ce8759

  • SSDEEP

    49152:QhumpOpRzsOV9bzmkSMDGtsFh29slh4Reer+WZ:Qhump6xlG6A

Targets

    • Target

      a0a29d76b6b23135a6426d097f66a2f0N.exe

    • Size

      1.8MB

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
