General

  • Target

    5f3537a4ed491c75031b89811c5d23c5bff91fc40e7ad0986204a2bd20cdfc7e

  • Size

    234KB

  • Sample

    240910-h9rbvatcqd

  • MD5

    eb5f1be3364e3e2965af47c5d4df558b

  • SHA1

    1a3769a265ba38d5e5fffae8ce4f0a91a168e56e

  • SHA256

    5f3537a4ed491c75031b89811c5d23c5bff91fc40e7ad0986204a2bd20cdfc7e

  • SHA512

    48043cef24249ed1fdcf689c2573dc06ea47fafb986d186cbe7efc6f7cb966a53935b6024b636cadbb828dcff844ef4a4c19d7556b4046188e51ac8bf663e0b8

  • SSDEEP

    3072:uwzvOYTV5YP/PW/DvbEvK9aobNI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzzZw:bViP/P6h9H/B+/kBV+UdvrEFp7hKZprs

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
