General

  • Target

    2024-09-26_83988245084d119e1358af2c9205af87_floxif_icedid

  • Size

    23.3MB

  • Sample

    240926-fh5n2s1gla

  • MD5

    83988245084d119e1358af2c9205af87

  • SHA1

    00255c39df6fe790e166a2a287c2540a574d35f8

  • SHA256

    cd91919f0d4912d4092379ea98a6032093cbab736300abd0dddbb26be901c0be

  • SHA512

    15564a2b4686e1d13c9b4b2320202a32a66da099234b64c7334f50380500d1baa0a550e92b02a6117c5b1c28a99cd9a55661a5424f80119a93fdf4da4d172ca2

  • SSDEEP

    393216:XhA825yeORrAZMTxp20AaZQ8coY5ShvEPO6vBgKwCGAfXLj:X+8HeABf21am8JY5WvEPOIgF6j

Malware Config

Targets

    • Target

      2024-09-26_83988245084d119e1358af2c9205af87_floxif_icedid

    • Size

      23.3MB

    • MD5

      83988245084d119e1358af2c9205af87

    • SHA1

      00255c39df6fe790e166a2a287c2540a574d35f8

    • SHA256

      cd91919f0d4912d4092379ea98a6032093cbab736300abd0dddbb26be901c0be

    • SHA512

      15564a2b4686e1d13c9b4b2320202a32a66da099234b64c7334f50380500d1baa0a550e92b02a6117c5b1c28a99cd9a55661a5424f80119a93fdf4da4d172ca2

    • SSDEEP

      393216:XhA825yeORrAZMTxp20AaZQ8coY5ShvEPO6vBgKwCGAfXLj:X+8HeABf21am8JY5WvEPOIgF6j

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks