General
-
Target
dee654f3cf65f4d57fdc0481a0e6d422ba189d9869858919c5efd2495e4a8a33N.exe
-
Size
140KB
-
Sample
250102-gq6rrawrfx
-
MD5
e47f3d3e6378b8bdf2db57b38522abb0
-
SHA1
8f330749b3acebf4395b008f96d8283360f2baf3
-
SHA256
dee654f3cf65f4d57fdc0481a0e6d422ba189d9869858919c5efd2495e4a8a33
-
SHA512
a2ad036d29e8c4b30148b50ea9bce30b60f513e1b6d7e33f111282b09c3d26f6f2c8cf1c98a4bfa3eab23a8a3c4066a630bd3ad0f7ebdcfae5c0f83d7b6258e2
-
SSDEEP
3072:nlOx/1iOCor2lQBV+UdE+rECWp7hKnHOb9:Q/xCSBV+UdvrEFp7hKnHOb9
Malware Config
Targets
-
-
Target
dee654f3cf65f4d57fdc0481a0e6d422ba189d9869858919c5efd2495e4a8a33N.exe
-
Size
140KB
-
MD5
e47f3d3e6378b8bdf2db57b38522abb0
-
SHA1
8f330749b3acebf4395b008f96d8283360f2baf3
-
SHA256
dee654f3cf65f4d57fdc0481a0e6d422ba189d9869858919c5efd2495e4a8a33
-
SHA512
a2ad036d29e8c4b30148b50ea9bce30b60f513e1b6d7e33f111282b09c3d26f6f2c8cf1c98a4bfa3eab23a8a3c4066a630bd3ad0f7ebdcfae5c0f83d7b6258e2
-
SSDEEP
3072:nlOx/1iOCor2lQBV+UdE+rECWp7hKnHOb9:Q/xCSBV+UdvrEFp7hKnHOb9
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-