General

  • Target

    89c0d9129db803ad46b8f6267b877600N

  • Size

    2.6MB

  • Sample

    240913-qc9qxssdqh

  • MD5

    89c0d9129db803ad46b8f6267b877600

  • SHA1

    0bec041b19c8550b476b0ecb69de5aaac6a528cd

  • SHA256

    a42a5b5e31254673cdd3788f31fc2aec7009c825c2e6ddf0cfc3334f27dbf399

  • SHA512

    fbb0b0c9c96be942334f105c41d0a4206f6d1ee298f090077b9155dd8360a5598850eef4938a241eb4dcf25d0e3946dbb9d9c05b9971cb7826a48cdb96cf4a54

  • SSDEEP

    49152:DPRsb8K+za3Ka9toPcocHoAEvYYYYYYYYYYYRYYYYYYYYYYp0AA7/eFGMI3:rRK2aCP7AEvYYYYYYYYYYYRYYYYYYYYy

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
