General
- Target: 7ebe565957b9cd12502b1a7cda5de0f03df7a3ce801f21e70b0d6d05cca55459
- Size: 234KB
- Sample: 241214-g1191stpfy
- MD5: 328a669129cd84470ad6fdb2bd4cfec0
- SHA1: c574e80329fa87f4846a868a7acafe8d7272f891
- SHA256: 7ebe565957b9cd12502b1a7cda5de0f03df7a3ce801f21e70b0d6d05cca55459
- SHA512: 5e2b829052361e702abb1f58e06ee43fa80b646c3b9133430f1bcee87952c2501d86723776c1d8401c4eda743dd50f4ffdf83371c0d27522686f62feef2b8d60
- SSDEEP: 3072:uwzvOYTk5YP/aKavT/DvbkXbNI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzzZiY:bkiP/aK2w5/B+/kBV+UdvrEFp7hKX
Static task: static1

Behavioral task: behavioral1
Sample: 7ebe565957b9cd12502b1a7cda5de0f03df7a3ce801f21e70b0d6d05cca55459.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 7ebe565957b9cd12502b1a7cda5de0f03df7a3ce801f21e70b0d6d05cca55459.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Floxif family
- Detects Floxif payload
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL