General

  • Target

    Virus.Win32.Floxif.H-5be200e26d8d9fe634febf82fc5e26a71852cb7737d8e86b615970a656868b89N

  • Size

    153KB

  • Sample

    240915-3thpzsybpg

  • MD5

    cfc2974be2f782c85a7a36835d0ff050

  • SHA1

    db9473ce25e3913275049b0e597bc208cd36a49a

  • SHA256

    5be200e26d8d9fe634febf82fc5e26a71852cb7737d8e86b615970a656868b89

  • SHA512

    b628e6fb4d76eb583377cbc63b8eb5f3a71aadb681f2f03622edfc373f8a4a8babb27ccee7c9bfc444ea3513caa281a8ef5e5e9c9b0dcd6ce5f4bd57da914fba

  • SSDEEP

    3072:8MFxacj2SlZXI5R2vO2lQBV+UdE+rECWp7hKTH:Y9oXAq0BV+UdvrEFp7hKTH

Targets

    • Target

      Virus.Win32.Floxif.H-5be200e26d8d9fe634febf82fc5e26a71852cb7737d8e86b615970a656868b89N

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
