General

  • Target

    e1de09818ccfe4ab1e60a0405ef9048499b2a194a8f22da3860e77edb05fa688N.exe

  • Size

    764KB

  • Sample

    250102-kk94rswpck

  • MD5

    a62df031442ac153b5ad41276cf9bda0

  • SHA1

    09b68a6a25fa5b00ac95f268f1219fd980232e41

  • SHA256

    e1de09818ccfe4ab1e60a0405ef9048499b2a194a8f22da3860e77edb05fa688

  • SHA512

    f64f10b7b1fa9d8bdb9944481025952efd1b2318fb5e1324b3101c85bc2fa0698cc6f6ca838a5c7fd2a60aab2403e5ded007d0f03e77fb64b3767ea6fbbb23c8

  • SSDEEP

    12288:N1R32E2w/x6NZ1ktdWT4HQj1zBjvrEH7a:N1t2Ux0BrEH7a

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
