General
-
Target
f75dff23fb2b4e4dc14644febe08f028ae59e20c77a8f75646198eadd64070bcN
-
Size
5.6MB
-
Sample
240930-zcqsgsxhma
-
MD5
9b6787e6f99a57eccf8f398403739cb0
-
SHA1
702d0d70c8dbf1738b6f3ea07ba200f01b9cadbb
-
SHA256
f75dff23fb2b4e4dc14644febe08f028ae59e20c77a8f75646198eadd64070bc
-
SHA512
fdd177ea85e0573596ca073dbfd2d1c8b5aa2c7bb2348ae6cdc865ad0f1048921b16cc3472ae555c27b1695b57aec16d4955d748519a11a7fdf31b65c5a6159a
-
SSDEEP
98304:8L3sSBKyVg5fYIq4D6HoYl5fIlPEZszInt4pNFjpJSnGYBzzsEPzdsXxXksFq:88SBBVg1O4D6Hj5idEa6BzwEPzdsXdk5
Malware Config
Targets
-
-
Target
f75dff23fb2b4e4dc14644febe08f028ae59e20c77a8f75646198eadd64070bcN
-
Size
5.6MB
-
MD5
9b6787e6f99a57eccf8f398403739cb0
-
SHA1
702d0d70c8dbf1738b6f3ea07ba200f01b9cadbb
-
SHA256
f75dff23fb2b4e4dc14644febe08f028ae59e20c77a8f75646198eadd64070bc
-
SHA512
fdd177ea85e0573596ca073dbfd2d1c8b5aa2c7bb2348ae6cdc865ad0f1048921b16cc3472ae555c27b1695b57aec16d4955d748519a11a7fdf31b65c5a6159a
-
SSDEEP
98304:8L3sSBKyVg5fYIq4D6HoYl5fIlPEZszInt4pNFjpJSnGYBzzsEPzdsXxXksFq:88SBBVg1O4D6Hj5idEa6BzwEPzdsXdk5
Score10/10-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-