General

  • Target

    db5bc883a413733f1e2142c5af54fa90N

  • Size

    8.7MB

  • Sample

    240909-lhck6atera

  • MD5

    db5bc883a413733f1e2142c5af54fa90

  • SHA1

    0d4af15cf635283ba544203e3f285799f03fa014

  • SHA256

    6187ad6765d254ef3cb221b80ff19bd46cb7ffade959decb4b3e1e6856f3d1fc

  • SHA512

    51ed3c36f98835b950cc54fa1f6e7b4e0f5cae08f2b90b0ac47de40a2e64b9dd9aba8091414cb47201549fb3672d3b560901a8915847b9fe7abc0bc3ff687677

  • SSDEEP

    98304:tvn2TfhLyWbvVqGwE1CVCKEzCavuugvEYvHlnr9wXfxUE:tvn+hLy4VnwE1CVCK8Cjv1+V

Malware Config

Targets

    • Target

      db5bc883a413733f1e2142c5af54fa90N

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Network Service Discovery

      Attempt to gather information on host's network.

MITRE ATT&CK Enterprise v15

Tasks