General
-
Target
434ca205cd7a30a7025d8710246a7dfa5e3916b34570f5190c5b1f54ff91e538
-
Size
4.5MB
-
Sample
250104-gf9ewsxmal
-
MD5
6f403e0f86dd2de78bc06b9d61c4874e
-
SHA1
e6d06574bb2955c87ff6aa5b59e425adb43b1281
-
SHA256
434ca205cd7a30a7025d8710246a7dfa5e3916b34570f5190c5b1f54ff91e538
-
SHA512
a4e245c4d1d1863ee333206cf5c5dd32e9d163f5fe0ef407ee46e6dd9f7576821ab2929065cf76b511c425fe313a7410c09cd64cd5b58a65492e52d5c443af55
-
SSDEEP
98304:XvSLWubKyeP092Ox9GeQlv9NkiMbV1m3Nb:/SOE5GeQlv9WzLGNb
Static task
static1
Behavioral task
behavioral1
Sample
434ca205cd7a30a7025d8710246a7dfa5e3916b34570f5190c5b1f54ff91e538.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
434ca205cd7a30a7025d8710246a7dfa5e3916b34570f5190c5b1f54ff91e538
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-