General
-
Target
484a3e404f1118f8586643b86afddd3a29add3e59e88595181a174c2286131fc
-
Size
1.5MB
-
Sample
250101-2kq5bs1jfj
-
MD5
59d568e7483501f291463cef00f90dc7
-
SHA1
41c7314c75c6f4b8fcec7b837ca896b2738da813
-
SHA256
484a3e404f1118f8586643b86afddd3a29add3e59e88595181a174c2286131fc
-
SHA512
5e5371e5bee825608ea45ea9956d14f7b2e40ca9dbc8f985856f6b17d52784a75418c6c12b2d2bd2f0a4354bf2e247a308dbc13b6e1a7fab5c8d60066c4d0d18
-
SSDEEP
49152:ffLu5HYuMnlY/Qro+edHV7pBSumNh+qKKZqq1qA:ff3uwY/ddHhpBcPLqqUA
Malware Config
Targets
-
-
Target
484a3e404f1118f8586643b86afddd3a29add3e59e88595181a174c2286131fc
-
Size
1.5MB
-
MD5
59d568e7483501f291463cef00f90dc7
-
SHA1
41c7314c75c6f4b8fcec7b837ca896b2738da813
-
SHA256
484a3e404f1118f8586643b86afddd3a29add3e59e88595181a174c2286131fc
-
SHA512
5e5371e5bee825608ea45ea9956d14f7b2e40ca9dbc8f985856f6b17d52784a75418c6c12b2d2bd2f0a4354bf2e247a308dbc13b6e1a7fab5c8d60066c4d0d18
-
SSDEEP
49152:ffLu5HYuMnlY/Qro+edHV7pBSumNh+qKKZqq1qA:ff3uwY/ddHhpBcPLqqUA
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Network Service Discovery
Attempt to gather information on host's network.
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-