General

  • Target

    65bc70e369338d9ca36e58a157ab57e4e1dc6834e27eb77a81cf7394984d6fe0

  • Size

    3.9MB

  • Sample

    241119-3gg8pawbqq

  • MD5

    06d20bb7d22bbf4a6429c1e41fe8626c

  • SHA1

    18deaacafa7009748e81bb40127b7188ca754fd8

  • SHA256

    65bc70e369338d9ca36e58a157ab57e4e1dc6834e27eb77a81cf7394984d6fe0

  • SHA512

    9669f60d4d89677ce744948c42165f5db205dece50507b42402b32a8146238b1339120ed6bf21fc410a28ea7da329213b9f2f6402ed3bc06e2abfd707f9ea8ec

  • SSDEEP

    98304:9HZtJZnyRKlcogQbTnp+eOc2uqfax8bOPScBxa+n0t+U:bvZnyRKlVgQb7pfOc2uqfambOPnEKI

Malware Config

Targets

    • Target

      65bc70e369338d9ca36e58a157ab57e4e1dc6834e27eb77a81cf7394984d6fe0

    • Size

      3.9MB

    • MD5

      06d20bb7d22bbf4a6429c1e41fe8626c

    • SHA1

      18deaacafa7009748e81bb40127b7188ca754fd8

    • SHA256

      65bc70e369338d9ca36e58a157ab57e4e1dc6834e27eb77a81cf7394984d6fe0

    • SHA512

      9669f60d4d89677ce744948c42165f5db205dece50507b42402b32a8146238b1339120ed6bf21fc410a28ea7da329213b9f2f6402ed3bc06e2abfd707f9ea8ec

    • SSDEEP

      98304:9HZtJZnyRKlcogQbTnp+eOc2uqfax8bOPScBxa+n0t+U:bvZnyRKlVgQb7pfOc2uqfambOPnEKI

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks