General
-
Target
c67721f326a87009443b722d3720241da678773e57c602672574f100231ba487N.exe
-
Size
500KB
-
Sample
250104-mtny1awke1
-
MD5
a67d588f6eb0345a15b347057e39d2b0
-
SHA1
9959a0e42d64e3df4506e5992092a412c6eb6e7a
-
SHA256
c67721f326a87009443b722d3720241da678773e57c602672574f100231ba487
-
SHA512
079c874bf905b1fc4e30814691e9f26ac453e95251651dae195942edade2cb2b278cf0330e9f409ed06a13f5f1bfca81291782e17de2db208a14af77eee4e37e
-
SSDEEP
12288:ETLNQjAM800TVpm8j2NoSpmanmhUgiW6QR7t5s03Ooc8dHkC2esuDPoBjvrEH7w:ETLNQcMVYpEV03Ooc8dHkC2enDSrEH7w
Malware Config
Targets
-
-
Target
c67721f326a87009443b722d3720241da678773e57c602672574f100231ba487N.exe
-
Size
500KB
-
MD5
a67d588f6eb0345a15b347057e39d2b0
-
SHA1
9959a0e42d64e3df4506e5992092a412c6eb6e7a
-
SHA256
c67721f326a87009443b722d3720241da678773e57c602672574f100231ba487
-
SHA512
079c874bf905b1fc4e30814691e9f26ac453e95251651dae195942edade2cb2b278cf0330e9f409ed06a13f5f1bfca81291782e17de2db208a14af77eee4e37e
-
SSDEEP
12288:ETLNQjAM800TVpm8j2NoSpmanmhUgiW6QR7t5s03Ooc8dHkC2esuDPoBjvrEH7w:ETLNQcMVYpEV03Ooc8dHkC2enDSrEH7w
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-