FloodFix
FloodFix
FloodFix2
FloodFix2
crc32
crc32
Behavioral task
behavioral1
Sample
0eb5594164ec395358d4cbaf0fc6c5d0N.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0eb5594164ec395358d4cbaf0fc6c5d0N.dll
Resource
win10v2004-20240802-en
Target
0eb5594164ec395358d4cbaf0fc6c5d0N
Size
76KB
MD5
0eb5594164ec395358d4cbaf0fc6c5d0
SHA1
790a3489f4829d1875be43aa947acdd959dee6a7
SHA256
0dcf69e3d7ca283ddddcb429f4c72637f2970f7180d789088a20952ef66e0635
SHA512
02e365485ec7872fc8319e7a88ea02dad274292fc9a2c285be5c538ef207c34ac74a875da3fc7181fa0368a4cfa13aa6df9087a32706d8d60298aec509879272
SSDEEP
1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZHSFg07oqmY4Q:c8y93KQjy7G55riF1cMo03cFg07oO4Q
Processes:
| resource | yara_rule |
|---|---|
| sample | floxif |
Detects file using ACProtect software.
Processes:
| resource | yara_rule |
|---|---|
| sample | acprotect |
Processes:
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
Processes:
| resource |
|---|
| 0eb5594164ec395358d4cbaf0fc6c5d0N |
| unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
FloodFix
FloodFix
FloodFix2
FloodFix2
crc32
crc32
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ