General

  • Target

    657dca08df1c55b5f2a3af6e3a3abf2e3621d013122f1ab94541b73a11699b69

  • Size

    287KB

  • Sample

    240926-hpdv1swepd

  • MD5

    5b256366c6ed5a3d1875b754f3159de4

  • SHA1

    8c3b0eec96ed93ece5ea7395d79aea55ce974a3b

  • SHA256

    657dca08df1c55b5f2a3af6e3a3abf2e3621d013122f1ab94541b73a11699b69

  • SHA512

    e09511b1459ed1d553c358a865f1734cbeeda092fa0533649fabccb546174f1ee0fb457bc36c9b1f5596819d9d4166eee94dbc5fb27c9731ec65ebaaf02ec786

  • SSDEEP

    6144:dzTuN9afTJFvuyXTZBB+R8WpMBV+UdvrEFp7hKV:dzTuN9abJFvuyXTvB+R8WiBjvrEH7i

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
