General
-
Target
ffb89708a055c8ff0e66138d467777bfa2f3b91da941c5e66e117902e9e3a183N.exe
-
Size
814KB
-
Sample
250104-h1stba1jck
-
MD5
06d2653d59f124dcf003a0ebc08a29e0
-
SHA1
3348a49a23064baa10abee2fada060be843c05e0
-
SHA256
ffb89708a055c8ff0e66138d467777bfa2f3b91da941c5e66e117902e9e3a183
-
SHA512
fde4b02e84fb0b5f2a8a712780a8738f40cf9261053c5b5faa7015c1c2e30a3065cc49c40a8460635112a504d33798e6f063f22b59c1cbc56f830c86b621e250
-
SSDEEP
24576:6FE//Tct4bOs9DbdNORR5gQT9iD2N9yH54CrEH7p:YSVhbdNORR5z9a2N9O5W
Malware Config
Targets
-
-
Target
ffb89708a055c8ff0e66138d467777bfa2f3b91da941c5e66e117902e9e3a183N.exe
-
Size
814KB
-
MD5
06d2653d59f124dcf003a0ebc08a29e0
-
SHA1
3348a49a23064baa10abee2fada060be843c05e0
-
SHA256
ffb89708a055c8ff0e66138d467777bfa2f3b91da941c5e66e117902e9e3a183
-
SHA512
fde4b02e84fb0b5f2a8a712780a8738f40cf9261053c5b5faa7015c1c2e30a3065cc49c40a8460635112a504d33798e6f063f22b59c1cbc56f830c86b621e250
-
SSDEEP
24576:6FE//Tct4bOs9DbdNORR5gQT9iD2N9yH54CrEH7p:YSVhbdNORR5z9a2N9O5W
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-