General

  • Target

    2024-09-25_8d602c94c3d44775e3d9d5f98ff714e5_bkransomware_floxif

  • Size

    9.8MB

  • Sample

    240925-pqzbnsyejf

  • MD5

    8d602c94c3d44775e3d9d5f98ff714e5

  • SHA1

    e2b3067cb3e774d74f84953fe705845784f1ba7e

  • SHA256

    ed560a52682fb84a70e6e133588dac95e5f43ff8cd29555a06dd7090618b0f51

  • SHA512

    a4fbcfcb0f3e2991714ed4bdea55d81d519fec1946b989a510cd89bfc0f25b97e59de8cdff8bfd45a4811f5289a6f57175ef73cbe10e39c5ba6e4ea3a44dc2c7

  • SSDEEP

    98304:1Sy3mKysr9uBxAWZTvNqL+R6JiFLOAkGkzdnEVomFHKnPZi:1jB2nqL+RjFLOyomFHKnPZi

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
