General
-
Target
6abc778c25bdee662f6002a6fc4c8bf381d148950c488ad54c85d33f3ec08c30N.exe
-
Size
276KB
-
Sample
250101-q4aqxawrfz
-
MD5
f159f4887e247b48370f39fe04f46220
-
SHA1
24df6eabe37ca56a174c8f595efc1becf2a1f30b
-
SHA256
6abc778c25bdee662f6002a6fc4c8bf381d148950c488ad54c85d33f3ec08c30
-
SHA512
bebc7216a8867a55173527319cdf77c71ab9eb192357efc9641a9a2a65dc95ab63ea5ef78dfcd3d3209b7f2144d9b99846a9555c86ee895cb2f32b0cc16730b3
-
SSDEEP
3072:cbcrMQD73Ygu9hDb2lQBV+UdE+rECWp7hKFk:QcrXo1FBV+UdvrEFp7hKFk
Malware Config
Targets
-
-
Target
6abc778c25bdee662f6002a6fc4c8bf381d148950c488ad54c85d33f3ec08c30N.exe
-
Size
276KB
-
MD5
f159f4887e247b48370f39fe04f46220
-
SHA1
24df6eabe37ca56a174c8f595efc1becf2a1f30b
-
SHA256
6abc778c25bdee662f6002a6fc4c8bf381d148950c488ad54c85d33f3ec08c30
-
SHA512
bebc7216a8867a55173527319cdf77c71ab9eb192357efc9641a9a2a65dc95ab63ea5ef78dfcd3d3209b7f2144d9b99846a9555c86ee895cb2f32b0cc16730b3
-
SSDEEP
3072:cbcrMQD73Ygu9hDb2lQBV+UdE+rECWp7hKFk:QcrXo1FBV+UdvrEFp7hKFk
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Blocklisted process makes network request
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-