General
-
Target
e2bb8d36fd9068609d880f43ce57a96e06f14b4c6ec57e8b4e935d56f47ee559
-
Size
468KB
-
Sample
250104-hl31qszmcp
-
MD5
312ae203611722f22b1ec2e5e8e5402a
-
SHA1
a31a89b3f8bf144668f7cfc77305fdf08b1b1073
-
SHA256
e2bb8d36fd9068609d880f43ce57a96e06f14b4c6ec57e8b4e935d56f47ee559
-
SHA512
e5d98a6bebfbcc8bda5c602df990e165418a73c3b4840e2d32fe17d54553a37068c9dca9e8195e839521660178e7e825e86752337758c61134123dfadf91d8d3
-
SSDEEP
12288:pozGdX0M4ornOmZIzfMwHHQmRRtZqTiBjvrEH7g:p4GHnhIzf6ErEH7g
Behavioral task
behavioral1
Sample
e2bb8d36fd9068609d880f43ce57a96e06f14b4c6ec57e8b4e935d56f47ee559.exe
Resource
win7-20240903-en
Malware Config
Targets
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-