General

  • Target

    9ea6f614458944655ec41a1ce46d8d0c486dadfdc5cebe4e41852b4fcba56e3e

  • Size

    277KB

  • Sample

    240910-kb3nbsthnr

  • MD5

    94af4c07ef1bc4b7212df667f7d8ee81

  • SHA1

    d448ea1e1ad35c4ed04e75a706c09aec671ba453

  • SHA256

    9ea6f614458944655ec41a1ce46d8d0c486dadfdc5cebe4e41852b4fcba56e3e

  • SHA512

    73a2d38111cb7ca5a9b0c18c4f09d42ec327e5daec34909de69411f8bed185759959364657d7373b35d3d6f84df3c2d8688e36e1bee318f3c8f76f8a489be2ba

  • SSDEEP

    3072:vHrfzYPc6X/YuW4l/DReos0gXf+GgMuoB+UKrRiEOB9dXCQT1X/MK0dk5xMBQLJW:AAsl/DRfkJgM7B+mCGBV+UdvrEFp7hKc

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
