General

  • Target

    2024-09-26_a609d7405aa98c9b74bab8f423296ea5_bkransomware_floxif

  • Size

    2.8MB

  • Sample

    240926-flvy1syenk

  • MD5

    a609d7405aa98c9b74bab8f423296ea5

  • SHA1

    297a724e9fb6dc3e120dbf8cd9688ee7ce2d09ac

  • SHA256

    c17744a607a135dfa5f5b569a933b38d662ad826d47c3c6b931ef376b188641e

  • SHA512

    678b394e0a74423b71f980d521d0585dcf64de9537c585a12ebcc505320765093a377fb71bd0adafa5a3cd04c60c9899afdfaf9df76d88d3fbff9d311cf45edf

  • SSDEEP

    49152:JUGfVmbvGw/IxcszltY7q/qqDvGUP5c+8MP7bZuRSaWqJ6DaYWW0K2ViaP3lo61R:JUCVZw/IxvzU7qSqDvGUPFzluRm6NK2V

Targets

    • Target

      2024-09-26_a609d7405aa98c9b74bab8f423296ea5_bkransomware_floxif

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
