General
-
Target
c1c063a6b0b535cb4e5edc7dc4c9f46532fd27bfc397735bd9cac97432aafa1a
-
Size
286KB
-
Sample
241224-hkaykaspgj
-
MD5
00eaa5bf3c36ee80103482a3a95beb4a
-
SHA1
110f36f2075c2a6737db3e77ed32d09de65370fe
-
SHA256
c1c063a6b0b535cb4e5edc7dc4c9f46532fd27bfc397735bd9cac97432aafa1a
-
SHA512
a358964c6c0def9fa27bbc247cbe1587dcea30d4155d3a0a342ff2088eed1cf3a4c7ac772feb9acef5557658e968979f603261502e20c276dec4389c1cfc1d08
-
SSDEEP
6144:VW7gKNkhSR/5kHouyXnZhB+h8WHlBV+UdvrEFp7hK+XYb:VW7gKNkhm/JuyXnPB+h8WHlBjvrEH7NG
Malware Config
Targets
-
-
Target
c1c063a6b0b535cb4e5edc7dc4c9f46532fd27bfc397735bd9cac97432aafa1a
-
Size
286KB
-
MD5
00eaa5bf3c36ee80103482a3a95beb4a
-
SHA1
110f36f2075c2a6737db3e77ed32d09de65370fe
-
SHA256
c1c063a6b0b535cb4e5edc7dc4c9f46532fd27bfc397735bd9cac97432aafa1a
-
SHA512
a358964c6c0def9fa27bbc247cbe1587dcea30d4155d3a0a342ff2088eed1cf3a4c7ac772feb9acef5557658e968979f603261502e20c276dec4389c1cfc1d08
-
SSDEEP
6144:VW7gKNkhSR/5kHouyXnZhB+h8WHlBV+UdvrEFp7hK+XYb:VW7gKNkhm/JuyXnPB+h8WHlBjvrEH7NG
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-