General
-
Target
739054f1875ba15c7ad53e3a430ffaa60092bce0f205a8ab0f089f8005410e0a
-
Size
234KB
-
Sample
241229-gfjjgatrap
-
MD5
749f69ce81042fea91fd01ddb537b786
-
SHA1
34db0b85ea8e6f0c71baf12afd740f739bc34533
-
SHA256
739054f1875ba15c7ad53e3a430ffaa60092bce0f205a8ab0f089f8005410e0a
-
SHA512
1a284fd469230ef9889937baa22951aa1754e3c087f8d0f93ce1e7e7b211408b8508a6bcf652b065ee428aa3b0f58136eb9690ba12a3f54611eab9efca199289
-
SSDEEP
3072:uwzvOYT65YP/aKavT/DvbEvK9aQJI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzp:b6iP/aK2h9tJ/B+/kBV+UdvrEFp7hKE+
Malware Config
Targets
-
-
Target
739054f1875ba15c7ad53e3a430ffaa60092bce0f205a8ab0f089f8005410e0a
-
Size
234KB
-
MD5
749f69ce81042fea91fd01ddb537b786
-
SHA1
34db0b85ea8e6f0c71baf12afd740f739bc34533
-
SHA256
739054f1875ba15c7ad53e3a430ffaa60092bce0f205a8ab0f089f8005410e0a
-
SHA512
1a284fd469230ef9889937baa22951aa1754e3c087f8d0f93ce1e7e7b211408b8508a6bcf652b065ee428aa3b0f58136eb9690ba12a3f54611eab9efca199289
-
SSDEEP
3072:uwzvOYT65YP/aKavT/DvbEvK9aQJI2B+flkL7OjUuxGftPyhdY55s2ZUuyNFhyzp:b6iP/aK2h9tJ/B+/kBV+UdvrEFp7hKE+
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-