General

  • Target

    9e0402280bdc5b0a3c03e6f7b745b89626e6d9b92bfeded1fb5bae153cdfdc85

  • Size

    277KB

  • Sample

    240913-sk5haavhjh

  • MD5

    bbe29f3ecc94bbe70ad5d3abe66ee15c

  • SHA1

    cf4b769488816272c0c5f36ff67cc27d3e696d10

  • SHA256

    9e0402280bdc5b0a3c03e6f7b745b89626e6d9b92bfeded1fb5bae153cdfdc85

  • SHA512

    3576b99dfc392a0e14ede62048b6d0f240ab9373025e1180e03c8068e1909422625ea140e8040c18de0f68f132acd57fde3457eaa30817c750393b65fab9e36e

  • SSDEEP

    6144:dRAnl/DRfkTC3dM7B+mCGBV+UdvrEFp7hKiW:dRAnlbRfky6B+mCGBjvrEH7NW

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks