General

  • Target

    18337e4b70b85041e6eb336560e7704a68398ed37980dd928891818bb940b600

  • Size

    286KB

  • Sample

    241221-3rp2aatqhy

  • MD5

    1b69f51019781fb09a921617c51e6931

  • SHA1

    1197a50fb16752a3d8af85d84db0da58083c4e5c

  • SHA256

    18337e4b70b85041e6eb336560e7704a68398ed37980dd928891818bb940b600

  • SHA512

    d35a3734176062fe1298ba454e8155d5ca90f89f2bdd6498c865536f4c6d6bd9eef5d8b70db27d35f198f11b7c8b3917234c4b06e32eb03214ffaa8d5bf49542

  • SSDEEP

    6144:X7gKNkhSR/h8HouyXnZhB+R8WHqBV+UdvrEFp7hK/d:X7gKNkhm/hjuyXnPB+R8WHqBjvrEH7id

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
