General
-
Target
2024-12-25_5da66797daab306445ce75f974f06c89_bkransomware_floxif
-
Size
2.1MB
-
Sample
241225-plsnbssqfn
-
MD5
5da66797daab306445ce75f974f06c89
-
SHA1
ad2c63977d18483946bc4d4fb9f646249728e3a8
-
SHA256
c3bd157108fdb9bf8a1d7f75a3df9a8b3ef1690359066942e0c82b2df3ad4911
-
SHA512
4cc51f774089b43bbc11bb1de3f43cc0e4bcb69e6346daba3b609d8a2861f2761fef867d5094f25cb1cb818fdd31d38b70b60823e99f33af02b8776419a65fd8
-
SSDEEP
49152:/ofqq2msxBMvSxRio/D4aQGJ6+Y59N2153xqPk4utu+NNAVw6rPYg:gCq2R3MvSxN/M9GJrYx2r34Pk4utCVF
Malware Config
Targets
-
-
Target
2024-12-25_5da66797daab306445ce75f974f06c89_bkransomware_floxif
-
Size
2.1MB
-
MD5
5da66797daab306445ce75f974f06c89
-
SHA1
ad2c63977d18483946bc4d4fb9f646249728e3a8
-
SHA256
c3bd157108fdb9bf8a1d7f75a3df9a8b3ef1690359066942e0c82b2df3ad4911
-
SHA512
4cc51f774089b43bbc11bb1de3f43cc0e4bcb69e6346daba3b609d8a2861f2761fef867d5094f25cb1cb818fdd31d38b70b60823e99f33af02b8776419a65fd8
-
SSDEEP
49152:/ofqq2msxBMvSxRio/D4aQGJ6+Y59N2153xqPk4utu+NNAVw6rPYg:gCq2R3MvSxN/M9GJrYx2r34Pk4utCVF
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-