General

  • Target

    ac5a457813a6b2f6f5e95399edeb50baad802763aaf7d01b16fa49b3e7c9c83f

  • Size

    277KB

  • Sample

    240913-sfy5psvfqb

  • MD5

    3e51b98e2e7e07de2c04b15e75de2b88

  • SHA1

    072f2109d104db594a8ee0960427a10ebe47362a

  • SHA256

    ac5a457813a6b2f6f5e95399edeb50baad802763aaf7d01b16fa49b3e7c9c83f

  • SHA512

    24d5cb4ddf7c301167f517261383bac808a5a22980502b8f5d6f8ba1caa59bfd67c6dd913f1212a152ebde9af9dd128ea457fea10f957b79790a76fca63fe657

  • SSDEEP

    6144:AAF9fkTC3dM7B+mCGBV+UdvrEFp7hKNGO:AAF9fky6B+mCGBjvrEH7NO

Malware Config

Targets

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks