General
-
Target
fd4bd80f1f760674069dae9a167cddeaa2992d525e53d6476673ac80535ef645
-
Size
920KB
-
Sample
241227-e76rza1rds
-
MD5
94361990aea4625806dce5dd6110ea9d
-
SHA1
3adabb57f70c811c7e391440429ccfaac0d7e55e
-
SHA256
fd4bd80f1f760674069dae9a167cddeaa2992d525e53d6476673ac80535ef645
-
SHA512
40bbbdf5c5eb003fff91954b5337647289e0cf141467b9bfda3f4523a182232660688675dacb631a2f8575fd03e12e56f5ee6a9998743d386cd5cc92c11319be
-
SSDEEP
12288:HCdOy3vVrK3R5CXbNjAOxK/j2n+4YG/6cHqFFja3mXgcjfRlgsUBgaoiSNQHBjvA:HCdxtk/80jYLx3U1jfsWaNSNQFrEH7V
Malware Config
Targets
-
-
Target
fd4bd80f1f760674069dae9a167cddeaa2992d525e53d6476673ac80535ef645
-
Size
920KB
-
MD5
94361990aea4625806dce5dd6110ea9d
-
SHA1
3adabb57f70c811c7e391440429ccfaac0d7e55e
-
SHA256
fd4bd80f1f760674069dae9a167cddeaa2992d525e53d6476673ac80535ef645
-
SHA512
40bbbdf5c5eb003fff91954b5337647289e0cf141467b9bfda3f4523a182232660688675dacb631a2f8575fd03e12e56f5ee6a9998743d386cd5cc92c11319be
-
SSDEEP
12288:HCdOy3vVrK3R5CXbNjAOxK/j2n+4YG/6cHqFFja3mXgcjfRlgsUBgaoiSNQHBjvA:HCdxtk/80jYLx3U1jfsWaNSNQFrEH7V
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-