General
-
Target
fb5297022be75a63116c51921c88e56ed67978106441d64b8f4f8680b8b9fea4
-
Size
286KB
-
Sample
241224-hkxsbssphn
-
MD5
d0b93e31f50538f3788985fd5b4af3e7
-
SHA1
8dd75c5bb45650561b735415b76a846957bac1e9
-
SHA256
fb5297022be75a63116c51921c88e56ed67978106441d64b8f4f8680b8b9fea4
-
SHA512
c850f222cf29b9cfe0b9ba11aad6cb4fdd4e27f5b54fb150a6a917c066d84ff6a54a7d764f6021dfabeed544c50387953ddfc3ca19e74f00c482c29ab4b8e870
-
SSDEEP
6144:Rz7gKNkhSR/y4uyXnZhB+B8WHSBV+UdvrEFp7hKs:Rz7gKNkhm/y4uyXnPB+B8WHSBjvrEH7b
Malware Config
Targets
-
-
Target
fb5297022be75a63116c51921c88e56ed67978106441d64b8f4f8680b8b9fea4
-
Size
286KB
-
MD5
d0b93e31f50538f3788985fd5b4af3e7
-
SHA1
8dd75c5bb45650561b735415b76a846957bac1e9
-
SHA256
fb5297022be75a63116c51921c88e56ed67978106441d64b8f4f8680b8b9fea4
-
SHA512
c850f222cf29b9cfe0b9ba11aad6cb4fdd4e27f5b54fb150a6a917c066d84ff6a54a7d764f6021dfabeed544c50387953ddfc3ca19e74f00c482c29ab4b8e870
-
SSDEEP
6144:Rz7gKNkhSR/y4uyXnZhB+B8WHSBV+UdvrEFp7hKs:Rz7gKNkhm/y4uyXnPB+B8WHSBjvrEH7b
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-