General
-
Target
2024-12-10_616995f9e5e6a7424e8be0751c273074_floxif_icedid
-
Size
2.2MB
-
Sample
241210-pn52favqfw
-
MD5
616995f9e5e6a7424e8be0751c273074
-
SHA1
d9280d7842e3fed694f75a26dabc962ad3dfca87
-
SHA256
c9ba53f76d8e7b3e757019be9b782add3ffda675cac5ee7ae3ce5a4f2f2c7a7a
-
SHA512
30a240bb32e898363610833295df84e2eca19486ee75bf1d30fb5422acd504e06ad9a76e3c37523b21b636410d5851585203f23b292a6437daa29a548dd76ddc
-
SSDEEP
24576:2pc4NDD5GgXTCNB/7IZlRowffWYMHs/7+Urb/cw1l7H0maDXXsoroixNe0ywIrE3:VgXW7Yt/LXRH0LDXXPxkfc
Malware Config
Targets
-
-
Target
2024-12-10_616995f9e5e6a7424e8be0751c273074_floxif_icedid
-
Size
2.2MB
-
MD5
616995f9e5e6a7424e8be0751c273074
-
SHA1
d9280d7842e3fed694f75a26dabc962ad3dfca87
-
SHA256
c9ba53f76d8e7b3e757019be9b782add3ffda675cac5ee7ae3ce5a4f2f2c7a7a
-
SHA512
30a240bb32e898363610833295df84e2eca19486ee75bf1d30fb5422acd504e06ad9a76e3c37523b21b636410d5851585203f23b292a6437daa29a548dd76ddc
-
SSDEEP
24576:2pc4NDD5GgXTCNB/7IZlRowffWYMHs/7+Urb/cw1l7H0maDXXsoroixNe0ywIrE3:VgXW7Yt/LXRH0LDXXPxkfc
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-