General

  • Target

    d985c55f91607742244767821b078274650b5def1fa5f340e8554ffba1e02e49

  • Size

    234KB

  • Sample

    241211-g1f9vazrev

  • MD5

    4e6941c71de9b34df2667d8819596574

  • SHA1

    7ac741827ce2cc5fb127445670a455a1fdc369d7

  • SHA256

    d985c55f91607742244767821b078274650b5def1fa5f340e8554ffba1e02e49

  • SHA512

    44951667a3c41bdeecc672989d49b82a10b43f5fe9abb98c68dc44541da2459047d6701a3a2e2fe197fe64a41b3136f8c9da9e8d2b59d2ff454fa6ba0ac72457

  • SSDEEP

    3072:zwzvOYTj5YP/aKavT/DvbEvkHI2B+Nl4jz+b0atWH1TmFtotpcat8iKdlVST31OX:mjiP/aK2PH/B+rdBV+UdvrEFp7hKN

Targets

    • Target

      d985c55f91607742244767821b078274650b5def1fa5f340e8554ffba1e02e49

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
