General
-
Target
86d579d79d3bf51c83e33e06e4a062238b518584b690ccf29ab632adaf9856b1N.exe
-
Size
8.5MB
-
Sample
241218-hxpbqazmaj
-
MD5
8a1398645e57df4786043ba81bfebfb0
-
SHA1
8329dc8fb4e77c920b900b2121c54bb8063c5dd7
-
SHA256
86d579d79d3bf51c83e33e06e4a062238b518584b690ccf29ab632adaf9856b1
-
SHA512
c7b06b4d4808f75beb0a2e33c548b03b9ebbb58fa3f7ae84c109da333c2d7231e74e84a2ae2f4a525d3034cb6a7aad904618c4dc622d535eb3b8f96970ebe071
-
SSDEEP
196608:VORsUVmq00uyojm7OpiJS40B7Ar7LA9/XAKf5e3Bvn2F8/E0DzAV:VN/kGiExB7Ar7Lq5oeFuAV
Behavioral task
behavioral1
Sample
86d579d79d3bf51c83e33e06e4a062238b518584b690ccf29ab632adaf9856b1N.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
86d579d79d3bf51c83e33e06e4a062238b518584b690ccf29ab632adaf9856b1N.exe
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-