General

  • Target

    21b37cba8c71b0aa660c430b1b288c1a1fef0a6e241d75a2bd2fd8bad49c54b7

  • Size

    277KB

  • Sample

    240926-gfxfbs1apk

  • MD5

    3407b283a5c08fdd8a8fb6a661f5bdec

  • SHA1

    f0eba36f82d0be6c29fbdfe9c1bfecd3a9e0c04c

  • SHA256

    21b37cba8c71b0aa660c430b1b288c1a1fef0a6e241d75a2bd2fd8bad49c54b7

  • SHA512

    d64d71f36278cdd2e74c1e6c64e1a3dad265321cb1581e2308b84a079dafe988455ea071bbbad7f6c54fc0aa29ff83265c9c9fcb91edec19448241759c97dd9a

  • SSDEEP

    6144:6TFlFDvFL0C3AeIB+WCzBV+UdvrEFp7hKsb:6TFlpvFLUnB+WCzBjvrEH75b

Targets

    • Target

      21b37cba8c71b0aa660c430b1b288c1a1fef0a6e241d75a2bd2fd8bad49c54b7

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
