General
-
Target
4c885c9176dadd505eb5f5f7fda688e76149ce044bea3f614ce2164fc8a2391bN.exe
-
Size
609KB
-
Sample
241225-18g1wszqbm
-
MD5
7a76d6ba50879f3e9a29042505bd5c10
-
SHA1
0d7833ca0e6a4f64c0c5859412dce5b8f03c31e6
-
SHA256
4c885c9176dadd505eb5f5f7fda688e76149ce044bea3f614ce2164fc8a2391b
-
SHA512
b4159be3a5ab9471af10bfc7f360f48af1b87b5c4b57a191d1118848054dca168f7eccbc9a92587b2ec0c4a4d6078909426c9d9d498bec8714af78a79cfcbb65
-
SSDEEP
6144:gToUc9tn6SsrsrD3SdDwNxHoiv582zwTS+ZTBV+UdvrEFp7hKQi+SzyK:gTo9D6SJDEm9l0TBjvrEH7ti+Oj
Malware Config
Targets
-
-
Target
4c885c9176dadd505eb5f5f7fda688e76149ce044bea3f614ce2164fc8a2391bN.exe
-
Size
609KB
-
MD5
7a76d6ba50879f3e9a29042505bd5c10
-
SHA1
0d7833ca0e6a4f64c0c5859412dce5b8f03c31e6
-
SHA256
4c885c9176dadd505eb5f5f7fda688e76149ce044bea3f614ce2164fc8a2391b
-
SHA512
b4159be3a5ab9471af10bfc7f360f48af1b87b5c4b57a191d1118848054dca168f7eccbc9a92587b2ec0c4a4d6078909426c9d9d498bec8714af78a79cfcbb65
-
SSDEEP
6144:gToUc9tn6SsrsrD3SdDwNxHoiv582zwTS+ZTBV+UdvrEFp7hKQi+SzyK:gTo9D6SJDEm9l0TBjvrEH7ti+Oj
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-