General
-
Target
7f03cb880790cc4126169a071d4eb392699417dbb5b99b4154a394121cb5158c
-
Size
5.4MB
-
Sample
241216-fvmn1axlcl
-
MD5
214e52de476d5970c49324201a7926c2
-
SHA1
a1ca315b0a06cf4ff0760c08436742e9d88019c8
-
SHA256
7f03cb880790cc4126169a071d4eb392699417dbb5b99b4154a394121cb5158c
-
SHA512
a8bbed6b09d12a59e028c39bdb2405d22386647634758c379eb61f144a024c11410ce564692f15d681f6747e594e51d821a7d0205351046027a9c73fe58abc14
-
SSDEEP
49152:U1rcgyb6uQ0x5M8UQDTzsX7U1xN3BwULUPMXtISz3BFbUPMXtISz34iUPMXtISzk:GyP5xpTz2ovwUPb3Pb34wb3hCvxz
Malware Config
Targets
-
-
Target
7f03cb880790cc4126169a071d4eb392699417dbb5b99b4154a394121cb5158c
-
Size
5.4MB
-
MD5
214e52de476d5970c49324201a7926c2
-
SHA1
a1ca315b0a06cf4ff0760c08436742e9d88019c8
-
SHA256
7f03cb880790cc4126169a071d4eb392699417dbb5b99b4154a394121cb5158c
-
SHA512
a8bbed6b09d12a59e028c39bdb2405d22386647634758c379eb61f144a024c11410ce564692f15d681f6747e594e51d821a7d0205351046027a9c73fe58abc14
-
SSDEEP
49152:U1rcgyb6uQ0x5M8UQDTzsX7U1xN3BwULUPMXtISz3BFbUPMXtISz34iUPMXtISzk:GyP5xpTz2ovwUPb3Pb34wb3hCvxz
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-