General

  • Target

    1c5eba2705103a111d0a86a5deba4e10N

  • Size

    255KB

  • Sample

    240914-yda8rasblm

  • MD5

    1c5eba2705103a111d0a86a5deba4e10

  • SHA1

    2ae49dde082a776c7c7918b34014563b21a8f5ce

  • SHA256

    f6455b5e36dfa70c3348e63161454b0fb45142b51fdb45115e0b9526abdec71d

  • SHA512

    1a17e1a8cf684a5b1d4764f2af5e021fd6b19de2ff45c12bb23c04d734f3b76d727ae8270b44eb28de7e698bafa7abc1ad0eb9a1a806129acdd30f7c695ae099

  • SSDEEP

    6144:giC0b1c9t1DntYqG7BV+UdvrEFp7hKDgxmiG:giCt9RY/BjvrEH7WHx

Targets

    • Target

      1c5eba2705103a111d0a86a5deba4e10N

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
