General
-
Target
2411119a77aedf855e9ab748ab6833ccfbd9af70657854d21c62463b39444003N.exe
-
Size
8.3MB
-
Sample
241219-jc74rswjcr
-
MD5
240f2da53a1b503481648e1f9711af70
-
SHA1
b0066d94308da0e1710a32c85b49e3af9d9638c2
-
SHA256
2411119a77aedf855e9ab748ab6833ccfbd9af70657854d21c62463b39444003
-
SHA512
30383e99194254cea8d55480f4dadf89c0b0fb3836e7dd0b6f784edcecd5d4a75a3a9e09816a5dd878ab9a8b347c3d329b3bb3484387f72978d2390bea5472f4
-
SSDEEP
196608:78fUVShpTzJWVeGSW4IKHDuAQ97H4rQ3spho1erEzB5JpqjgH6fr6:gfLnTzJ+xSFI2uTH4rKqEzBugae
Static task
static1
Behavioral task
behavioral1
Sample
2411119a77aedf855e9ab748ab6833ccfbd9af70657854d21c62463b39444003N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2411119a77aedf855e9ab748ab6833ccfbd9af70657854d21c62463b39444003N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
2411119a77aedf855e9ab748ab6833ccfbd9af70657854d21c62463b39444003N.exe
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-