General
-
Target
b9d5d19d5032dfbb4c7818bd2296c174291263097f2b9617b6f4079fe98fd8b7
-
Size
12.0MB
-
Sample
241224-jk4rbatjbn
-
MD5
34fe0ccfcfd07d57c37a86f781fe7025
-
SHA1
0da7aa3ecf9a42ce86b54094475451d370cadd43
-
SHA256
b9d5d19d5032dfbb4c7818bd2296c174291263097f2b9617b6f4079fe98fd8b7
-
SHA512
a97aea7d4e81fda0d848275dae598a8039bcc621248cde7f5f3a84b7ae70de674f9fdc0af1b7da30338acfb5c84892a227f486f8d809e09aa2de8b049ae4864a
-
SSDEEP
196608:avSCg5aduB2ZoQ64Nkid38GHb65Q5ySeBZObIzLd6/8Nad4OzlUS6FRIb93WenpA:agcEQ3dvQQISeBdzpc8Nat2MZ3WYtL8
Malware Config
Targets
-
-
Target
b9d5d19d5032dfbb4c7818bd2296c174291263097f2b9617b6f4079fe98fd8b7
-
Size
12.0MB
-
MD5
34fe0ccfcfd07d57c37a86f781fe7025
-
SHA1
0da7aa3ecf9a42ce86b54094475451d370cadd43
-
SHA256
b9d5d19d5032dfbb4c7818bd2296c174291263097f2b9617b6f4079fe98fd8b7
-
SHA512
a97aea7d4e81fda0d848275dae598a8039bcc621248cde7f5f3a84b7ae70de674f9fdc0af1b7da30338acfb5c84892a227f486f8d809e09aa2de8b049ae4864a
-
SSDEEP
196608:avSCg5aduB2ZoQ64Nkid38GHb65Q5ySeBZObIzLd6/8Nad4OzlUS6FRIb93WenpA:agcEQ3dvQQISeBdzpc8Nat2MZ3WYtL8
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-