General
-
Target
ee6b8de5d3ca5d6b7abffd0017b4a1514b1c88c61da62408f5ff1333396fcbea
-
Size
1.6MB
-
Sample
241221-wl132avpbs
-
MD5
e210bcdf2037089de130d5f64a1808fe
-
SHA1
372f5eebd1aa9ae32121563e4a4f831b6ac24bcf
-
SHA256
ee6b8de5d3ca5d6b7abffd0017b4a1514b1c88c61da62408f5ff1333396fcbea
-
SHA512
d2720e77535d59cbb11f8c4de93afc388296ec47843c864547244bb8535143e82e696579f286585f86d72a59eca1e6b3f6ef3b15d9ee2c2b51659897893be890
-
SSDEEP
24576:2Fh69Fnix1kHcPGlFERUmuMT/Wzmq3fjmNVZvpK0vMTuFU9Kr61B9wrEH7dX:C69FikjsYvjmNfvpX0TuF2Z1tX
Malware Config
Targets
-
-
Target
ee6b8de5d3ca5d6b7abffd0017b4a1514b1c88c61da62408f5ff1333396fcbea
-
Size
1.6MB
-
MD5
e210bcdf2037089de130d5f64a1808fe
-
SHA1
372f5eebd1aa9ae32121563e4a4f831b6ac24bcf
-
SHA256
ee6b8de5d3ca5d6b7abffd0017b4a1514b1c88c61da62408f5ff1333396fcbea
-
SHA512
d2720e77535d59cbb11f8c4de93afc388296ec47843c864547244bb8535143e82e696579f286585f86d72a59eca1e6b3f6ef3b15d9ee2c2b51659897893be890
-
SSDEEP
24576:2Fh69Fnix1kHcPGlFERUmuMT/Wzmq3fjmNVZvpK0vMTuFU9Kr61B9wrEH7dX:C69FikjsYvjmNfvpX0TuF2Z1tX
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-