FloodFix
FloodFix
FloodFix2
FloodFix2
crc32
crc32
Behavioral task
behavioral1
Sample
TrojanDropper.Win32.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
TrojanDropper.Win32.dll
Resource
win10v2004-20240802-en
Target
TrojanDropper.Win32.Floxif-881fa82e7cd7a08691f6d8795c37e3edf2d9c134ee1dc01d3251775a0f04c503N
Size
80KB
MD5
da876b1ccfc32e48447fb2bcd97d7100
SHA1
caa2d84d33c8701408dbb04aa50929ec0cb39982
SHA256
881fa82e7cd7a08691f6d8795c37e3edf2d9c134ee1dc01d3251775a0f04c503
SHA512
8236977145e3419ede6c56d53be466376064ab94a888ad41309884080922892475bc13f3b1767f421241d89716cc2f7a853e3df27cc76dd7b838f8e53077b646
SSDEEP
1536:5POOhfbOjovgdVydUgoNrwBZXGDaZ1QIxrfItMgR7ZaO+fGxHZPEZ9lpy:5dbwovEVyqgoZmZXWfIdQdRaefPslE
| resource | yara_rule |
|---|---|
| sample | floxif |
Detects file using ACProtect software.
| resource | yara_rule |
|---|---|
| sample | acprotect |
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| TrojanDropper.Win32.Floxif-881fa82e7cd7a08691f6d8795c37e3edf2d9c134ee1dc01d3251775a0f04c503N |
| unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
FloodFix
FloodFix
FloodFix2
FloodFix2
crc32
crc32
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ