General

  • Target

    44b7159aa1c6f7e591129ccee09213f8d026e8a36831f1ed596babd5648592ee

  • Size

    277KB

  • Sample

    241213-x2zetayren

  • MD5

    2bfb33b0e4b2a5c2b5b0faa9fc4f3f2a

  • SHA1

    125f59988b26120b5e317955726736e75d69fe54

  • SHA256

    44b7159aa1c6f7e591129ccee09213f8d026e8a36831f1ed596babd5648592ee

  • SHA512

    d6e4d20d784dfd9d0b47da1b8f64e11ae70f5b9d7de61286be0686f3506ddc34cc2cccc57c3561efe558d9f5a6811527631bd35ffca273a39216974b7c9c5cb9

  • SSDEEP

    6144:zmApl/DRfkTC3dM7B+mCDVBV+UdvrEFp7hKXX:zmAplbRfky6B+mCpBjvrEH74X

Malware Config

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks