General

  • Target

    c1e9e6104a9d8378b2babf2bcfd153bbad19189a97eeeb51f18f565e802dadb5

  • Size

    158KB

  • Sample

    240915-bt91paycrc

  • MD5

    a4ba539a8c345e0c90ed679eac124e49

  • SHA1

    46eeda32d453f75432f1f79cec24e9d152058ab7

  • SHA256

    c1e9e6104a9d8378b2babf2bcfd153bbad19189a97eeeb51f18f565e802dadb5

  • SHA512

    f805ef19519fbe5c8c1c3a9c9d2f5ded67ba6a08930e5dabafd8bccd9078e182823de125e956e9bec3fa651c62fc6a86514d80b6ba333754215a24925e51152a

  • SSDEEP

    3072:0lzDRjhU676gVhx+pecbiya82lQBV+UdE+rECWp7hKMSjxVD:0jh9Bh+ecbiQBV+UdvrEFp7hKMSjrD

Malware Config

Targets

    • Target

      c1e9e6104a9d8378b2babf2bcfd153bbad19189a97eeeb51f18f565e802dadb5

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks