General
-
Target
d8bd7785891667497894a393f203b8db2ac1112fd98ed25141ee37ab586bd659
-
Size
1.3MB
-
Sample
241211-j2dlfstras
-
MD5
df33993abf3bc1487cb2c90f4557c223
-
SHA1
0a156fe28b0df6f107ee95ade4f107df20fbd3d0
-
SHA256
d8bd7785891667497894a393f203b8db2ac1112fd98ed25141ee37ab586bd659
-
SHA512
16adeb25e6120c794be4f8cbd9c8fd0ff784f751398f0db81fc7f4f4a746ae67c0b124601457e0270bf43704ea4bb459a8a1f4ab98c91b3b46247a4c1ecc4b46
-
SSDEEP
24576:V1EsmyYGYYl6gE+j8EKPkd1EbUXt7rrl3XVPkURVNhY/frEH7ev:zrYol6LvXVbKlpDVNha
Malware Config
Targets
-
-
Target
d8bd7785891667497894a393f203b8db2ac1112fd98ed25141ee37ab586bd659
-
Size
1.3MB
-
MD5
df33993abf3bc1487cb2c90f4557c223
-
SHA1
0a156fe28b0df6f107ee95ade4f107df20fbd3d0
-
SHA256
d8bd7785891667497894a393f203b8db2ac1112fd98ed25141ee37ab586bd659
-
SHA512
16adeb25e6120c794be4f8cbd9c8fd0ff784f751398f0db81fc7f4f4a746ae67c0b124601457e0270bf43704ea4bb459a8a1f4ab98c91b3b46247a4c1ecc4b46
-
SSDEEP
24576:V1EsmyYGYYl6gE+j8EKPkd1EbUXt7rrl3XVPkURVNhY/frEH7ev:zrYol6LvXVbKlpDVNha
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-