General

  • Target

    8e295928158406220be49b74b735ed6ea516fe4af2844282d75d717c85ec2e75

  • Size

    277KB

  • Sample

    241107-hyn3caxhka

  • MD5

    5c87f53adedc24b99f2bc6792dbbd6e1

  • SHA1

    a2b38db15c11f0b39673e366e5ebe814c6ee2651

  • SHA256

    8e295928158406220be49b74b735ed6ea516fe4af2844282d75d717c85ec2e75

  • SHA512

    3f94612b62ed7074a1a9bbf74b0810d8795a9399ef80cc4acde44d188185c117d3ebe7a0b52442b8a45ecc80af0007448d491ea127e34268898d7dcb563669d0

  • SSDEEP

    6144:7AsM/DRfkTC3dM7B+mCNBV+UdvrEFp7hK6GF:7AsMbRfky6B+mCNBjvrEH7GF

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
