General
-
Target
57f2cee4092298c59cc9c3df971f3a1ad14a96b8337b94bded6f1bc20b125dd1N.exe
-
Size
2.7MB
-
Sample
241225-2cc8haznbw
-
MD5
ad5fb4450b24f3517acf891ef2941320
-
SHA1
1227a4a41c47353eb4ea82cc16e889257d1336f4
-
SHA256
57f2cee4092298c59cc9c3df971f3a1ad14a96b8337b94bded6f1bc20b125dd1
-
SHA512
1bd96b9ca062f50f959777991183ab8682535dba678b85b50088653d4fdf7bc7884fda2615430ebf41ddff000f741fd9d8b8db7798a1cc901469877aa3370fdf
-
SSDEEP
49152:0y8f9DL6LRA1qi1vrP7VE2KGKwRA5vSe8Sz6oj9ghi1RebpyT390bYVGuSwZPSC8:05PeRA4i1vrPe2KSRAAe8S2oj9ghi1Rc
Malware Config
Targets
-
-
Target
57f2cee4092298c59cc9c3df971f3a1ad14a96b8337b94bded6f1bc20b125dd1N.exe
-
Size
2.7MB
-
MD5
ad5fb4450b24f3517acf891ef2941320
-
SHA1
1227a4a41c47353eb4ea82cc16e889257d1336f4
-
SHA256
57f2cee4092298c59cc9c3df971f3a1ad14a96b8337b94bded6f1bc20b125dd1
-
SHA512
1bd96b9ca062f50f959777991183ab8682535dba678b85b50088653d4fdf7bc7884fda2615430ebf41ddff000f741fd9d8b8db7798a1cc901469877aa3370fdf
-
SSDEEP
49152:0y8f9DL6LRA1qi1vrP7VE2KGKwRA5vSe8Sz6oj9ghi1RebpyT390bYVGuSwZPSC8:05PeRA4i1vrPe2KSRAAe8S2oj9ghi1Rc
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-