General

  • Target

    2024-12-10_e299a0e626fb883a51410a05aafaca66_bkransomware_floxif

  • Size

    2.4MB

  • Sample

    241210-pte27svret

  • MD5

    e299a0e626fb883a51410a05aafaca66

  • SHA1

    9fc85b235e3e4cec40f4a53a112cafbc2d536b2d

  • SHA256

    32d498a575c5f956e5cbd58f3609bc68371f3188cb0f7309ae19df926855d76a

  • SHA512

    e43d4d6331b06736552a4373c9b113ecd58bb9bab26aa6059bc7ba19e21fe16e5877f02b76073740eb7a5920b8bac21570f8a401090c612c3233661d67c971b1

  • SSDEEP

    49152:gfYBXqJOaWxfAHDMwBX+UPZdia+vDhw7JzznqMkFgTGEHM1I:gQhqJOaWxYHnBX+UPZdiFhw9fnqMkFgZ

Targets

    • Target

      2024-12-10_e299a0e626fb883a51410a05aafaca66_bkransomware_floxif

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
