General
-
Target
a6a88aedcf531ae31f6b505b7ad53622e36fc7c3d519ebd92b4d604dfc4ceac4
-
Size
1.6MB
-
Sample
241120-ch46qsyepl
-
MD5
07c0a38fe2f4a978d9cc7dc3f176578b
-
SHA1
9b377e5288ff12a80444848b185778ee3b0fb8bf
-
SHA256
a6a88aedcf531ae31f6b505b7ad53622e36fc7c3d519ebd92b4d604dfc4ceac4
-
SHA512
52558d2cdf4ecdcf2d0a41cd8a29deeac9a2f07af0f01027eec0ccf967759500dbda36a5a8cda8bddd8a2bf23107199e7275e5df64cdf988ef79c83c0a4718a2
-
SSDEEP
6144:HPKZ9v9DbFZdCsKg8SVAKtVSVeF/y/BV+UdvrEFp7hKE:vy9VhWg8SO0SVK/6BjvrEH7X
Malware Config
Targets
-
-
Target
a6a88aedcf531ae31f6b505b7ad53622e36fc7c3d519ebd92b4d604dfc4ceac4
-
Size
1.6MB
-
MD5
07c0a38fe2f4a978d9cc7dc3f176578b
-
SHA1
9b377e5288ff12a80444848b185778ee3b0fb8bf
-
SHA256
a6a88aedcf531ae31f6b505b7ad53622e36fc7c3d519ebd92b4d604dfc4ceac4
-
SHA512
52558d2cdf4ecdcf2d0a41cd8a29deeac9a2f07af0f01027eec0ccf967759500dbda36a5a8cda8bddd8a2bf23107199e7275e5df64cdf988ef79c83c0a4718a2
-
SSDEEP
6144:HPKZ9v9DbFZdCsKg8SVAKtVSVeF/y/BV+UdvrEFp7hKE:vy9VhWg8SO0SVK/6BjvrEH7X
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-