General
-
Target
4c429ea098b40d9705f9afc1be6ffdb3260701db1d3fa1d3140475c7720b52a0N.exe
-
Size
555KB
-
Sample
241225-xeq5xssrfk
-
MD5
76a3937bb1dd06a48980108140572350
-
SHA1
fa82441bbb7eb41b25270c2a880067276b900482
-
SHA256
4c429ea098b40d9705f9afc1be6ffdb3260701db1d3fa1d3140475c7720b52a0
-
SHA512
3ab3f10e03399ca1e05bf39683f0d3946e93ca50a7fa1a083905a2bed58c04ab2463ed39334674a69d5d34fe732c1f900c4b0a7d34963ba1f54c0867c361753a
-
SSDEEP
6144:ARC1nhBqK9FYLHrIzkpSYWcMaYPK3jlvl2Be4RHxvP7wIACPytfAk5MepYz6bXMk:XnhBvyL5SZUN4HD4D0n1BjvrEH7eXU
Malware Config
Targets
-
-
Target
4c429ea098b40d9705f9afc1be6ffdb3260701db1d3fa1d3140475c7720b52a0N.exe
-
Size
555KB
-
MD5
76a3937bb1dd06a48980108140572350
-
SHA1
fa82441bbb7eb41b25270c2a880067276b900482
-
SHA256
4c429ea098b40d9705f9afc1be6ffdb3260701db1d3fa1d3140475c7720b52a0
-
SHA512
3ab3f10e03399ca1e05bf39683f0d3946e93ca50a7fa1a083905a2bed58c04ab2463ed39334674a69d5d34fe732c1f900c4b0a7d34963ba1f54c0867c361753a
-
SSDEEP
6144:ARC1nhBqK9FYLHrIzkpSYWcMaYPK3jlvl2Be4RHxvP7wIACPytfAk5MepYz6bXMk:XnhBvyL5SZUN4HD4D0n1BjvrEH7eXU
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Blocklisted process makes network request
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-