General

  • Target

    b96de7d1e25aca8a88c27ccad5403650a98c9ed12db60d230e6984edc233e79d

  • Size

    287KB

  • Sample

    240926-hm5kystbrq

  • MD5

    4ec0249c043cca3f463add42e274c637

  • SHA1

    68b426f768732e8b9ac6aedc49e264ef9677f550

  • SHA256

    b96de7d1e25aca8a88c27ccad5403650a98c9ed12db60d230e6984edc233e79d

  • SHA512

    9cabe1c64491c866164c37d07875ffd3175506379aaf83b5cfa5de266a5878876b1d67fc2775ac5040c56586160c3c738ac5a7a8ab36534f014fe2f126bca651

  • SSDEEP

    6144:NbzTuN9afTJ1kHnuyXTZBB+R8WpMBV+UdvrEFp7hKDXYd:NbzTuN9abJauyXTvB+R8WiBjvrEH70k

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
