General

  • Target

    2b15165580e632ab8a4236171291d0c21856f8d201a594632b344b8a29f58379N

  • Size

    389KB

  • Sample

    241104-fwkwssxldp

  • MD5

    9a651ca6b519f5e2172beff2019bda70

  • SHA1

    84815958fe39ec04dcff8d4e8adf78688eb07bb4

  • SHA256

    2b15165580e632ab8a4236171291d0c21856f8d201a594632b344b8a29f58379

  • SHA512

    4e6cacf7864faeb6424063c22974ad18ec6dc1e2a9380d57abce26ff1a3f9fda990368ac98c52dff465ade237c9685e691a3aec1ea2e89408c55a8319ecf29ea

  • SSDEEP

    12288:Cu/tWtnlKw54DRrwLGyZ83qrNEpBjvrEH71R6:onlKw54DRchZPrN0rEH7z6

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
