General
-
Target
03ac6c6ca590475707bdd49e810c1a7daaf07c61d439ac5de1ceba788bae982bN
-
Size
4.4MB
-
Sample
240919-gwlzjavclk
-
MD5
29c862de4bdb1a8ad1827eb0f298d7e0
-
SHA1
3bacf4f761a65c1da9391b715b3b2ff367e5dded
-
SHA256
03ac6c6ca590475707bdd49e810c1a7daaf07c61d439ac5de1ceba788bae982b
-
SHA512
65676c6f76d2e4574bf6b1073f3d0af8f52ea0f643ad4501f8afe14286eef57ddd7019546db9c842a8e4238e1bc6d7a6ef47fc13a02c444af1d8151fcc9cc877
-
SSDEEP
98304:Lq4tlQ0aeY51XNURYxaA6qjEb9tRuPmBmWBDLTMTtbslyzRt9cuISY6QZ:L1lhE9U6476itR+mLPw6lyZY6Q
Malware Config
Targets
-
-
Target
03ac6c6ca590475707bdd49e810c1a7daaf07c61d439ac5de1ceba788bae982bN
-
Size
4.4MB
-
MD5
29c862de4bdb1a8ad1827eb0f298d7e0
-
SHA1
3bacf4f761a65c1da9391b715b3b2ff367e5dded
-
SHA256
03ac6c6ca590475707bdd49e810c1a7daaf07c61d439ac5de1ceba788bae982b
-
SHA512
65676c6f76d2e4574bf6b1073f3d0af8f52ea0f643ad4501f8afe14286eef57ddd7019546db9c842a8e4238e1bc6d7a6ef47fc13a02c444af1d8151fcc9cc877
-
SSDEEP
98304:Lq4tlQ0aeY51XNURYxaA6qjEb9tRuPmBmWBDLTMTtbslyzRt9cuISY6QZ:L1lhE9U6476itR+mLPw6lyZY6Q
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-