General

  • Target

    f84ef0f3decd125990c4a4af778c83510c8e11797bc990c90c558557019471bd

  • Size

    412KB

  • Sample

    241125-gg7mpaxpcn

  • MD5

    4de03879d4684700ae11b5cd15089d25

  • SHA1

    82b49dd3a60452fdcd20adbda7b3b574c7a76d13

  • SHA256

    f84ef0f3decd125990c4a4af778c83510c8e11797bc990c90c558557019471bd

  • SHA512

    3e57d6afa532fe49c54aca0c67900af850f939f8e85416ee2d8643cdea172e28b288a578ea2ba51c73a5ef6a89212c44c130b97f27366550496c0712f56de15d

  • SSDEEP

    6144:PuBSGeC+MxQoij9ng1NvidaXrmBBV+UdvrEFp7hK30ltS:VGeC+xoij9n0vidaXyBBjvrEH7W0O

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-modifying trojan and backdoor written in C++.

    • Neshta

      Malware from the Neshta family infects other executable files in order to spread and cause damage.

    • Neshta family

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15