General
-
Target
3b277b3d9abc86e72decb611eccbcd42c7536cdcb7c89440e3f2b9f6691fb711N.exe
-
Size
213KB
-
Sample
250108-ptq5gazmfw
-
MD5
3da112ee50413e5fd2c96602e894fe80
-
SHA1
c2f8c7d47cad2edb4aec72e30078b1c5d03e134a
-
SHA256
3b277b3d9abc86e72decb611eccbcd42c7536cdcb7c89440e3f2b9f6691fb711
-
SHA512
9d2365ba3e8b906dab45d09422e0e622757db2fc5f2c4e4ff512f6a23a20921fd516f1b81b7a761d0b112e949b7d0f3a2508178ef62d1dd6f2a71fa9b6540ed7
-
SSDEEP
6144:0gYQdQ6mCtnRPF9cCGr/uHkBV+UdvrEFp7hKppL:0gYInRNh4uHkBjvrEH7epL
Malware Config
Targets
-
-
Target
3b277b3d9abc86e72decb611eccbcd42c7536cdcb7c89440e3f2b9f6691fb711N.exe
-
Size
213KB
-
MD5
3da112ee50413e5fd2c96602e894fe80
-
SHA1
c2f8c7d47cad2edb4aec72e30078b1c5d03e134a
-
SHA256
3b277b3d9abc86e72decb611eccbcd42c7536cdcb7c89440e3f2b9f6691fb711
-
SHA512
9d2365ba3e8b906dab45d09422e0e622757db2fc5f2c4e4ff512f6a23a20921fd516f1b81b7a761d0b112e949b7d0f3a2508178ef62d1dd6f2a71fa9b6540ed7
-
SSDEEP
6144:0gYQdQ6mCtnRPF9cCGr/uHkBV+UdvrEFp7hKppL:0gYInRNh4uHkBjvrEH7epL
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-