General
-
Target
f34ebc6b10ed8c5ccc4b8b211fde08eb062c03e66fb5005b2d5bda280a73bf94N.exe
-
Size
1.8MB
-
Sample
241217-plj17ayqbs
-
MD5
b5bef268a344c03bd34ccab3666d7100
-
SHA1
31496de1e9a9bdb0773ff91c601475d2ebf9b4e4
-
SHA256
f34ebc6b10ed8c5ccc4b8b211fde08eb062c03e66fb5005b2d5bda280a73bf94
-
SHA512
06982b59ab7cdeb22bde9a0d7a5ed84cf0a8f32e273c95cc3453d696dc36bdb8ccc8ddbb62c5bcb07da5a2dd572967d613ba996a8da03af4f94fbf3fdfc9c1b9
-
SSDEEP
24576:phQtKE8quveQ6NbPwbmy4nt2YAp5iAaSx/zWjTvrzVnc1dVf7x11IvN6CsX2wnJF:gv2eSdMPOxP1OefQUT8xElF1qXub
Malware Config
Targets
-
-
Target
f34ebc6b10ed8c5ccc4b8b211fde08eb062c03e66fb5005b2d5bda280a73bf94N.exe
-
Size
1.8MB
-
MD5
b5bef268a344c03bd34ccab3666d7100
-
SHA1
31496de1e9a9bdb0773ff91c601475d2ebf9b4e4
-
SHA256
f34ebc6b10ed8c5ccc4b8b211fde08eb062c03e66fb5005b2d5bda280a73bf94
-
SHA512
06982b59ab7cdeb22bde9a0d7a5ed84cf0a8f32e273c95cc3453d696dc36bdb8ccc8ddbb62c5bcb07da5a2dd572967d613ba996a8da03af4f94fbf3fdfc9c1b9
-
SSDEEP
24576:phQtKE8quveQ6NbPwbmy4nt2YAp5iAaSx/zWjTvrzVnc1dVf7x11IvN6CsX2wnJF:gv2eSdMPOxP1OefQUT8xElF1qXub
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Network Service Discovery
Attempt to gather information on host's network.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-