General
-
Target
d5caa2f203da47333f8fe8492e3c7cdb83c97491e02d4e017cbf0a3f51862dbc
-
Size
287KB
-
Sample
241224-gg616askc1
-
MD5
04bfc298d91f52f972d28162b35acab8
-
SHA1
6191e73976797e194a952059b5d1762ae4d49db7
-
SHA256
d5caa2f203da47333f8fe8492e3c7cdb83c97491e02d4e017cbf0a3f51862dbc
-
SHA512
e584cda94fd5a38231ea29de942e435ea726a21560575bfb6dc05122e6a968ad8621bc0b90241544a1848fbd7691a545f58dba825cc1bef45a3f45d624e8744a
-
SSDEEP
6144:ZzTuN9afTJUyuyXTZBB+R8WpMBV+UdvrEFp7hKae:ZzTuN9abJUyuyXTvB+R8WiBjvrEH79e
Static task
static1
Behavioral task
behavioral1
Sample
d5caa2f203da47333f8fe8492e3c7cdb83c97491e02d4e017cbf0a3f51862dbc.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-