General
-
Target
2024-12-22_7179ae0da5ec0acaf37f74f730d4e73a_bkransomware_floxif
-
Size
1.9MB
-
Sample
241222-vzge4strcv
-
MD5
7179ae0da5ec0acaf37f74f730d4e73a
-
SHA1
f979aab1e4b67c84beaee8b516f8c353bc43ba48
-
SHA256
83f70bc9c77c376d173ac37dae1780731ea26861d36f1d3e994f3ea872b68050
-
SHA512
726a504e9b868c29643cdb5fcf8eb0aeeed05d19fcfb46fe9dc7b4e20e2e61b0f333099f29c99498a58f0f6676fedfe0a5b785f3cb7755a81d638aa99d10140b
-
SSDEEP
49152:vUtFJMs/8OdZ9S7HV6lobLZ0H/Kl8jBNUixDnOmwmNS7R9kWy1:8tnMs/8OH9MV6loHZ0a8VNdDnOmwmr1
Malware Config
Targets
-
-
Target
2024-12-22_7179ae0da5ec0acaf37f74f730d4e73a_bkransomware_floxif
-
Size
1.9MB
-
MD5
7179ae0da5ec0acaf37f74f730d4e73a
-
SHA1
f979aab1e4b67c84beaee8b516f8c353bc43ba48
-
SHA256
83f70bc9c77c376d173ac37dae1780731ea26861d36f1d3e994f3ea872b68050
-
SHA512
726a504e9b868c29643cdb5fcf8eb0aeeed05d19fcfb46fe9dc7b4e20e2e61b0f333099f29c99498a58f0f6676fedfe0a5b785f3cb7755a81d638aa99d10140b
-
SSDEEP
49152:vUtFJMs/8OdZ9S7HV6lobLZ0H/Kl8jBNUixDnOmwmNS7R9kWy1:8tnMs/8OH9MV6loHZ0a8VNdDnOmwmr1
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-