General
-
Target
b6599377f1e4686746e7ad12362093bd2aa908ea13a8c7e3d7dbc154218b82c9
-
Size
469KB
-
Sample
241227-cc56vaynfk
-
MD5
ba1b628ae99b93fd307bc8ca7feaf95d
-
SHA1
7dd8bb41fd6a673b1edd20f7e4734c1ad3ab53e2
-
SHA256
b6599377f1e4686746e7ad12362093bd2aa908ea13a8c7e3d7dbc154218b82c9
-
SHA512
a50ab17c9e62b939ec82f9c8ff05cb6c3175e5d8ab1cf8791b15e289ad6fe1d5b5b58b8cf77a66bb40082c91af890d138b56530564beeb9319a103f4010fc7d7
-
SSDEEP
6144:A6+jDQ6+AWd5SkkdmDQirBV+UdvrEFp7hKAA:eXQkGdkdmDQeBjvrEH7o
Static task
static1
Behavioral task
behavioral1
Sample
b6599377f1e4686746e7ad12362093bd2aa908ea13a8c7e3d7dbc154218b82c9.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
b6599377f1e4686746e7ad12362093bd2aa908ea13a8c7e3d7dbc154218b82c9
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-