General
-
Target
b20ee3f8f0565bebda32fed81e7d4ba6d49fe45f2e2af2757173c548b10bacfcN.exe
-
Size
622KB
-
Sample
241218-bzl6tawrcx
-
MD5
e53bedc018040b740fa400309ffff3c0
-
SHA1
ef5d7541b48a3d275b01ec90a49c46ba42b4711b
-
SHA256
b20ee3f8f0565bebda32fed81e7d4ba6d49fe45f2e2af2757173c548b10bacfc
-
SHA512
8eadecb93af8dab479590ed3d3f09266bc49a7b586a063362db50c24ab1cc23e9f94aa7be501bed484e9bdfdef4f43c8ef7314d1ac60b3d5263bd411bb56c6b6
-
SSDEEP
12288:fIlsAkjIf/WbGH/+8zoXEyO4pV1Q2LcgoLLoa5RZMRGM4h/qofn:fHAL7+8zuEg07goLLoIZMRGJ/qofn
Malware Config
Targets
-
-
Target
b20ee3f8f0565bebda32fed81e7d4ba6d49fe45f2e2af2757173c548b10bacfcN.exe
-
Size
622KB
-
MD5
e53bedc018040b740fa400309ffff3c0
-
SHA1
ef5d7541b48a3d275b01ec90a49c46ba42b4711b
-
SHA256
b20ee3f8f0565bebda32fed81e7d4ba6d49fe45f2e2af2757173c548b10bacfc
-
SHA512
8eadecb93af8dab479590ed3d3f09266bc49a7b586a063362db50c24ab1cc23e9f94aa7be501bed484e9bdfdef4f43c8ef7314d1ac60b3d5263bd411bb56c6b6
-
SSDEEP
12288:fIlsAkjIf/WbGH/+8zoXEyO4pV1Q2LcgoLLoa5RZMRGM4h/qofn:fHAL7+8zuEg07goLLoIZMRGJ/qofn
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Network Service Discovery
Attempt to gather information on host's network.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-