General
-
Target
2b66c2bfa1af9c0b5d50d73a484b50e4c6e801b41e83da7b5adb9ebda82ba168
-
Size
286KB
-
Sample
241223-s41cnstmfl
-
MD5
c2018836e27455b2196c4f8ba623cb6d
-
SHA1
82855b5020c0b8c2894192ad15d7b227e9fc6bcd
-
SHA256
2b66c2bfa1af9c0b5d50d73a484b50e4c6e801b41e83da7b5adb9ebda82ba168
-
SHA512
d67c6b49936810cf79fff616b90bd01592eaa414d18873ef79c2bed32980c2e6103b91934fb958e1f9216024bbc084a3a8533dc42de9b6185257532d34b84eeb
-
SSDEEP
6144:L70l/5kHouyXnZhB+h8WHlBV+UdvrEFp7hKh:L70l/JuyXnPB+h8WHlBjvrEH7W
Static task
static1
Behavioral task
behavioral1
Sample
2b66c2bfa1af9c0b5d50d73a484b50e4c6e801b41e83da7b5adb9ebda82ba168.exe
Resource
win7-20241023-en
Malware Config
Targets
-
-
Target
2b66c2bfa1af9c0b5d50d73a484b50e4c6e801b41e83da7b5adb9ebda82ba168
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-