General

  • Target

    149db21b49a3f2405bb389bb071d8c7dc6d7b195492d243210ff19f6fd55c692

  • Size

    278KB

  • Sample

    241109-p5aa4atnds

  • MD5

    950afcbbe8fa0fad6fb686f940c2d7b9

  • SHA1

    4cc151b2bc46f31c9e4ef9d0745f69359c642e9e

  • SHA256

    149db21b49a3f2405bb389bb071d8c7dc6d7b195492d243210ff19f6fd55c692

  • SHA512

    deba6afc8b428d14f0acafc0586c14c44936d328b2d1b85c14faa6cb01cbb986864efbdd95824a2d9b03df59d3d600006ff4b62170eabdc37fb645cc14e6a965

  • SSDEEP

    6144:drNl/DVKWC3as7B+WCHBV+UdvrEFp7hKIL/:drNlbVKwaB+WCHBjvrEH7LL/

Targets

    • Target

      149db21b49a3f2405bb389bb071d8c7dc6d7b195492d243210ff19f6fd55c692

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
