General

  • Target

    26e382e80f4ec83719a99c214023e7e4

  • Size

    217KB

  • Sample

    240916-1643mssflr

  • MD5

    26e382e80f4ec83719a99c214023e7e4

  • SHA1

    0bf3bd3340e341eaa44fcd94eee707f751b497f1

  • SHA256

    4bac0dfba0f3b53bf620f991aa00b5e35e47bc0ce1c35edf768c9c32bfdfaa5f

  • SHA512

    5a11778deafa9e5596a75861d8f531e5a575886d6332dbe025af169a55dcc08713be61906acd6424e4753930b145a9775c0a74fc3fa3926b7b62ee88b24e055b

  • SSDEEP

    6144:Lh4kSdQ6mCtnRPF9cCGr/uH4sQvMRlkM4RD/qzMfU5P:LukinRNh4uHOMRGM4h/qofqP

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Network Service Discovery

      Attempts to gather information on the host's network.
