General

  • Target

    37c2edf58bd2f83f8d865b06ca631b16dedd1c1ba8c56ea8fc1616791844d183N.exe

  • Size

    597KB

  • Sample

    241225-tjd5daxnet

  • MD5

    6580681757d7fb1f44ad2fdc6b92ca20

  • SHA1

    f901fd8a61e80c19f474f443011fa24f1c5fbcab

  • SHA256

    37c2edf58bd2f83f8d865b06ca631b16dedd1c1ba8c56ea8fc1616791844d183

  • SHA512

    7d1e5b2169c13c4c5ab84deaf13e595d1ffc35db03898276e92d0cb55565a8a570e6679cf975801658c8ee4984cd48b751d9792165cd5b07f0443b5f66a31680

  • SSDEEP

    12288:FSdK4MVDr7vRgndOBBtCVUPMvk2CqvAmYac8MRGM4h/qofchQ:FSd38r7ZgdOBHCVk2CqvAic8MRGJ/qoJ

Targets

    • Target

      37c2edf58bd2f83f8d865b06ca631b16dedd1c1ba8c56ea8fc1616791844d183N.exe

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Network Service Discovery

      Attempt to gather information on host's network.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
