General
-
Target
5780f8cc8e4744e9c2459d6e7a7ef63273e21df01e1aaceb57792d70af6581d9
-
Size
1.6MB
-
Sample
241209-31raps1mek
-
MD5
33baf0481bd75c15919956c72179f141
-
SHA1
8a6814345b1f7643e6b39b33d4fb7ec178b42fc0
-
SHA256
5780f8cc8e4744e9c2459d6e7a7ef63273e21df01e1aaceb57792d70af6581d9
-
SHA512
b507a6f7283dfbfd9eb26e3a609e835fc11a6ab8add94ebaacea5cdbdf40e32b52f8e8de6c5a55274e2e7c38d44a5bf2a77e1d90f1738688920d9ccb558ed31f
-
SSDEEP
24576:EedIJcNVXu2hBHfU+eraM8kOJAoy2eXWDhhOfrRP8HE+NEJfE9/QsnL44Euxo2Ur:dJHflhrGqkbJfEeKLZEux3Ur
Malware Config
Targets
-
-
Target
5780f8cc8e4744e9c2459d6e7a7ef63273e21df01e1aaceb57792d70af6581d9
-
Size
1.6MB
-
MD5
33baf0481bd75c15919956c72179f141
-
SHA1
8a6814345b1f7643e6b39b33d4fb7ec178b42fc0
-
SHA256
5780f8cc8e4744e9c2459d6e7a7ef63273e21df01e1aaceb57792d70af6581d9
-
SHA512
b507a6f7283dfbfd9eb26e3a609e835fc11a6ab8add94ebaacea5cdbdf40e32b52f8e8de6c5a55274e2e7c38d44a5bf2a77e1d90f1738688920d9ccb558ed31f
-
SSDEEP
24576:EedIJcNVXu2hBHfU+eraM8kOJAoy2eXWDhhOfrRP8HE+NEJfE9/QsnL44Euxo2Ur:dJHflhrGqkbJfEeKLZEux3Ur
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-