General
-
Target
34ab4b716bdd66690db71ccb7441f516eaa278d62ee924a0c82d3c1c00bc0ed7N.exe
-
Size
622KB
-
Sample
241220-gj1l6a1mft
-
MD5
d9f52894276d2ace9df7005e70b36d00
-
SHA1
e3e53553774964d9cd864f827d279e962074b001
-
SHA256
34ab4b716bdd66690db71ccb7441f516eaa278d62ee924a0c82d3c1c00bc0ed7
-
SHA512
83982c4fa60c1a535297384ad2df98615b049d042f50bc1989006e84cc59f1de9c0929db3f0b4d0048f9aa4fea6ea7b0e610e40065aa50e9c38be042a307efca
-
SSDEEP
12288:fIlsAkjIf/WbGH/+8zoXEyO4M11fTcgoLLoa5RZMRGM4h/qofv:fHAL7+8zuErIgoLLoIZMRGJ/qofv
Malware Config
Targets
-
-
Target
34ab4b716bdd66690db71ccb7441f516eaa278d62ee924a0c82d3c1c00bc0ed7N.exe
-
Size
622KB
-
MD5
d9f52894276d2ace9df7005e70b36d00
-
SHA1
e3e53553774964d9cd864f827d279e962074b001
-
SHA256
34ab4b716bdd66690db71ccb7441f516eaa278d62ee924a0c82d3c1c00bc0ed7
-
SHA512
83982c4fa60c1a535297384ad2df98615b049d042f50bc1989006e84cc59f1de9c0929db3f0b4d0048f9aa4fea6ea7b0e610e40065aa50e9c38be042a307efca
-
SSDEEP
12288:fIlsAkjIf/WbGH/+8zoXEyO4M11fTcgoLLoa5RZMRGM4h/qofv:fHAL7+8zuErIgoLLoIZMRGJ/qofv
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Network Service Discovery
Attempt to gather information on host's network.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-