General

  • Target

    12ec33655c3460480d7fdf92c615183cc42b4d31b197f9eaf59f165fc2b89a6bN

  • Size

    139KB

  • Sample

    241031-dqv4gaycrb

  • MD5

    f88b60fd1c2d8f5e0b5f18c427af12f0

  • SHA1

    1d773bbae2045766c768253a4b29909d3871fc47

  • SHA256

    12ec33655c3460480d7fdf92c615183cc42b4d31b197f9eaf59f165fc2b89a6b

  • SHA512

    b552ed36697e5f8c48b7e51b3ff69c14688f13689535c3d40d22ef21c95afb24d0b4e7ec838af841657df56beab7b2847846be86077d27409172301586cfb601

  • SSDEEP

    3072:tvTd7baq/9OkeuXRp2lQBV+UdE+rECWp7hKhJaL:tvTd3/9Okee9BV+UdvrEFp7hKeL

Malware Config

Targets

    • Target

      12ec33655c3460480d7fdf92c615183cc42b4d31b197f9eaf59f165fc2b89a6bN

    • Floxif family

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-infecting trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect executable protector.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
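
As an added example, not part of the sandbox report and not the analysis platform's own code: a small offline triage script that recomputes the MD5, SHA-1, SHA-256 and SHA-512 digests listed in the General section, so a sample obtained elsewhere can be checked against the report before it is handled, and applies the same kind of heuristic the "UPX packed file" signature relies on (stock UPX names its sections UPX0/UPX1 and leaves a "UPX!" marker). The PE bytes built by build_fake_pe are a constructed header skeleton for demonstration, not the analysed sample, and all function names are the example's own. SSDEEP is left out because it needs a third-party module.

```python
import hashlib
import struct

# Digests copied from the report's General section for the analysed sample.
REPORTED = {
    "md5": "f88b60fd1c2d8f5e0b5f18c427af12f0",
    "sha1": "1d773bbae2045766c768253a4b29909d3871fc47",
    "sha256": "12ec33655c3460480d7fdf92c615183cc42b4d31b197f9eaf59f165fc2b89a6b",
    "sha512": "b552ed36697e5f8c48b7e51b3ff69c14688f13689535c3d40d22ef21c95afb24"
              "d0b4e7ec838af841657df56beab7b2847846be86077d27409172301586cfb601",
}


def compute_digests(data: bytes) -> dict:
    """Hex digests of the bytes, using the same algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def digest_mismatches(data: bytes, expected: dict) -> list:
    """Names of the algorithms whose digest differs from the expected set (empty list = match)."""
    actual = compute_digests(data)
    return sorted(name for name, value in expected.items()
                  if actual.get(name) != value.lower())


def pe_section_names(data: bytes) -> list:
    """Minimal PE header walk: DOS header -> e_lfanew -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)   # COFF NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)      # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                                  # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                                          # IMAGE_SECTION_HEADER is 40 bytes
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("section table truncated")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic behind the 'UPX packed file' signature: UPXn section names or the 'UPX!' marker.
    A modified UPX build that renames sections and strips the marker evades this check."""
    try:
        names = pe_section_names(data)
    except ValueError:
        return False
    return any(n.startswith("UPX") for n in names) or b"UPX!" in data


def build_fake_pe(section_names) -> bytes:
    """Constructed test input (hypothetical, not the real sample): a PE32 header skeleton
    with the given section names and no code."""
    opt_header = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)       # PE32 magic, rest zeroed
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(opt_header), 0x0102)
    sections = b"".join(struct.pack("<8sIIIIIIHHI", n.encode("ascii"), 0, 0, 0, 0, 0, 0, 0, 0, 0)
                        for n in section_names)
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)       # e_lfanew -> 0x40
    return dos + b"PE\0\0" + coff + opt_header + sections


if __name__ == "__main__":
    sample = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    print("sections:", pe_section_names(sample))
    print("UPX heuristic:", looks_upx_packed(sample))
    print("digests differing from the report:", digest_mismatches(sample, REPORTED))
```

Run it against a real file by replacing the constructed bytes with the file's contents; an empty mismatch list means every digest the report lists agrees, and a non-empty one means the file on hand is not the sample the report describes. The UPX check is only a hint, as the signature text notes: a renamed-section build is still packed but passes this test.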

MITRE ATT&CK Enterprise v15

Tasks