General
-
Target
23de0e44017f7aa6f3f5b6fd0cb0ef117ef23b6f6f4ad0f094ee99abf338a192N.exe
-
Size
287KB
-
Sample
241226-re689axkgv
-
MD5
bb0c7c27feebb2bbe77458a093c3c6e0
-
SHA1
af6afeab9d45e20aa9d867afe2e0dfad0944d91a
-
SHA256
23de0e44017f7aa6f3f5b6fd0cb0ef117ef23b6f6f4ad0f094ee99abf338a192
-
SHA512
072073e554ed7f8100bf79e6e6ab670da1be48d01d76d3dc01453c4e976242960204afd6cc8f62c60de9369d806423f92aa8c2b24550d7a71fe89d34557ab136
-
SSDEEP
6144:GutfTJ1kHnuyXTZBB+R8WpMBV+UdvrEFp7hKp:GutbJauyXTvB+R8WiBjvrEH7+
Malware Config
Targets
-
-
Target
23de0e44017f7aa6f3f5b6fd0cb0ef117ef23b6f6f4ad0f094ee99abf338a192N.exe
-
Size
287KB
-
MD5
bb0c7c27feebb2bbe77458a093c3c6e0
-
SHA1
af6afeab9d45e20aa9d867afe2e0dfad0944d91a
-
SHA256
23de0e44017f7aa6f3f5b6fd0cb0ef117ef23b6f6f4ad0f094ee99abf338a192
-
SHA512
072073e554ed7f8100bf79e6e6ab670da1be48d01d76d3dc01453c4e976242960204afd6cc8f62c60de9369d806423f92aa8c2b24550d7a71fe89d34557ab136
-
SSDEEP
6144:GutfTJ1kHnuyXTZBB+R8WpMBV+UdvrEFp7hKp:GutbJauyXTvB+R8WiBjvrEH7+
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-