General
-
Target
76e468ebdf55f0f6d1ca8cc1136d1e96c6062494db6301c9412dffaac44678e2
-
Size
133KB
-
Sample
250105-bc995axram
-
MD5
6cbd6aa80ea472d308abba93f944c2cc
-
SHA1
6fd27970460db6dcfe3b960204415f4076e20b8b
-
SHA256
76e468ebdf55f0f6d1ca8cc1136d1e96c6062494db6301c9412dffaac44678e2
-
SHA512
9541d55229bc2ccfafee2566ac5240de708531cf9991f475de2ab7eb683d94a5857f56bfa909565046debbafb3ec220541af05bb5c373ad1c7c7482d997ab304
-
SSDEEP
3072:FDM3/vx2+52lQBV+UdE+rECWp7hKyP22GTZNgld4:FDmTBV+UdvrEFp7hKa4
Malware Config
Targets
-
-
Target
76e468ebdf55f0f6d1ca8cc1136d1e96c6062494db6301c9412dffaac44678e2
-
Size
133KB
-
MD5
6cbd6aa80ea472d308abba93f944c2cc
-
SHA1
6fd27970460db6dcfe3b960204415f4076e20b8b
-
SHA256
76e468ebdf55f0f6d1ca8cc1136d1e96c6062494db6301c9412dffaac44678e2
-
SHA512
9541d55229bc2ccfafee2566ac5240de708531cf9991f475de2ab7eb683d94a5857f56bfa909565046debbafb3ec220541af05bb5c373ad1c7c7482d997ab304
-
SSDEEP
3072:FDM3/vx2+52lQBV+UdE+rECWp7hKyP22GTZNgld4:FDmTBV+UdvrEFp7hKa4
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-