FloodFix
FloodFix2
crc32
Behavioral task: behavioral1
Sample: a3d33157cfd51a4192a40c9b3dc5d2f5a77f68b9d472f85af2bff586940232e0.dll
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: a3d33157cfd51a4192a40c9b3dc5d2f5a77f68b9d472f85af2bff586940232e0.dll
Resource: win10v2004-20241007-en
Target: a3d33157cfd51a4192a40c9b3dc5d2f5a77f68b9d472f85af2bff586940232e0.exe
Size: 76KB
MD5: ba2957f9395a80ee045cddaff72630dd
SHA1: 86119e3e04002bd55160a9fb3651ca0f7ca9fed2
SHA256: a3d33157cfd51a4192a40c9b3dc5d2f5a77f68b9d472f85af2bff586940232e0
SHA512: 0c501cf965d4ee72c0696963243d6dfbb6db69e2a17270e965241d9325d60b69b781ce86135e7d45c327528806d48bc51b259f90c72837f92e4d48ebc52f5a1f
SSDEEP: 1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZMlPV:c8y93KQjy7G55riF1cMo03SlPV
Processes:
resource | yara_rule |
---|---|
sample | floxif |
Detects file using ACProtect software.
Processes:
resource | yara_rule |
---|---|
sample | acprotect |
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
a3d33157cfd51a4192a40c9b3dc5d2f5a77f68b9d472f85af2bff586940232e0.exe |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
FloodFix
FloodFix2
crc32
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ