General

  • Target

    66fac3ebf39b22c5eed0022225e67262ddff34bed8667d74a15b5d94e3e2bea8

  • Size

    551KB

  • Sample

    240910-rr4c5axenn

  • MD5

    7f27aa3656b506e870006d441e8156ee

  • SHA1

    57bf7fa8ae29feafd2b4b0354f75a28583546fbc

  • SHA256

    66fac3ebf39b22c5eed0022225e67262ddff34bed8667d74a15b5d94e3e2bea8

  • SHA512

    45154cce94763b5615bcbe6194421d6f5e2ad9807bb11e4dd17abadf292267cd7b795413f6167593b42cddea6549bd1fa3486a94c9b3196d7c0fb62842173248

  • SSDEEP

    12288:ddPNfsMMSsMM/BvMcsCMcsf3I9Ie/bS1+PMRRkRe+HGsyRq+CR1kvFJIGBjvrEHL:dxNfsMMSsMM/BvMcsCMcsfM/bS1+Pimp

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
