General

  • Target

    2024-09-17_ebf446e04d85a9bbeac5b54d59548091_bkransomware_floxif_hijackloader

  • Size

    2.0MB

  • Sample

    240917-bv5glazamj

  • MD5

    ebf446e04d85a9bbeac5b54d59548091

  • SHA1

    d38c9c8fcc59d00265454c570c79577eb54c77ae

  • SHA256

    5e1e2e0c43a7413223f521671f6be4ef86ba7a3c51586122488935182f44bcee

  • SHA512

    7acc4806a1b5d2e814c72b83d15b393faa6b31df84388dc2e1417d9d55801c6d819909683530ba0ba4de5380aeb94538f9230d0ac61a7a323ccf9866650fac1c

  • SSDEEP

    49152:Dk0eo5nJIioHlq+c6gXR92IIMbecXxHDoyf3M7sSZOZVVNa6Zlq:Dk25nHoHlq+c6y92IjecXxHUyf3M7sxe

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
