General

  • Target

    feeeda969bee1a83957acf2816827fd78c43ea1075b03499d6dacb61cb7dbbf5

  • Size

    117KB

  • Sample

    240917-dys9vasdrq

  • MD5

    79c7cdb0fc7d04e520ae73160506f913

  • SHA1

    707c1c0fdd363a508ddcc9491ae6b6b1f2c73d64

  • SHA256

    feeeda969bee1a83957acf2816827fd78c43ea1075b03499d6dacb61cb7dbbf5

  • SHA512

    0840e095b3fc39aaee0f93d3d316a8c7ce4f7c19a0a18756defa64c616ce07b12061965f9cd1ccdc4fcef822869728f2fde346ea9cdb5fdb419bc25a983fd26b

  • SSDEEP

    3072:V+AB6Ss6f5UV+ByH2lQBV+UdE+rECWp7hKY9d2:V86BiBV+UdvrEFp7hKmE

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
