General
-
Target
03fb3d89922df4d8d50a5796bdae08840492fd1252db7fbc45bf837a197c9949
-
Size
296KB
-
Sample
250101-gmt9jsyqgk
-
MD5
5e878d18807eb4ead1c1722df8f95629
-
SHA1
c1b42c0a27db890a1ef649b7c261477f5145c00c
-
SHA256
03fb3d89922df4d8d50a5796bdae08840492fd1252db7fbc45bf837a197c9949
-
SHA512
b47eee7647abe2d9fafb2030b57a8a0a1e9f9f9185761aaa2fa2b9de4f756cdb3f99844dd280240077624bf29cd1d6ebcda00ae013e95a87e4a254fed6afded4
-
SSDEEP
6144:hVtiRlO1bzgQdR5cMCVFZSQVKWdF91xeuyJPAOvvsCxBV+UdvrEFp7hKZ:hVtulO1bzgQdkTPlFwuyJPhsCxBjvrEC
Malware Config
Targets
-
-
Target
03fb3d89922df4d8d50a5796bdae08840492fd1252db7fbc45bf837a197c9949
-
Size
296KB
-
MD5
5e878d18807eb4ead1c1722df8f95629
-
SHA1
c1b42c0a27db890a1ef649b7c261477f5145c00c
-
SHA256
03fb3d89922df4d8d50a5796bdae08840492fd1252db7fbc45bf837a197c9949
-
SHA512
b47eee7647abe2d9fafb2030b57a8a0a1e9f9f9185761aaa2fa2b9de4f756cdb3f99844dd280240077624bf29cd1d6ebcda00ae013e95a87e4a254fed6afded4
-
SSDEEP
6144:hVtiRlO1bzgQdR5cMCVFZSQVKWdF91xeuyJPAOvvsCxBV+UdvrEFp7hKZ:hVtulO1bzgQdkTPlFwuyJPhsCxBjvrEC
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-