General
-
Target
30d48a7e45bc37f962aa8c05f7f3a13ac0d7e82b844eab4f36992acb3ff8d0a6
-
Size
2.6MB
-
Sample
250109-tqc6nawnaj
-
MD5
ac3cc1a368528856f8f0ff4d658c8c53
-
SHA1
2b00e71b25416a7424c09653badbba745a3e65d9
-
SHA256
30d48a7e45bc37f962aa8c05f7f3a13ac0d7e82b844eab4f36992acb3ff8d0a6
-
SHA512
5209ff96fbe8992ba9b5a37bb7ca759004ec1e51f09d9606da113668f1e129b95fece92ada50062a457c3052da7cce5a7cd132e500611f196274bc79e3d1c2ae
-
SSDEEP
49152:wnH3qnGeO8p9g0RWYD89NmQ3+Xa/ftxJEzmh8ezDJFpkCHI8IaGrpeJH2B:hpOYyNmQ3ZXtjEilD2Co8m
Malware Config
Targets
-
-
Target
30d48a7e45bc37f962aa8c05f7f3a13ac0d7e82b844eab4f36992acb3ff8d0a6
-
Size
2.6MB
-
MD5
ac3cc1a368528856f8f0ff4d658c8c53
-
SHA1
2b00e71b25416a7424c09653badbba745a3e65d9
-
SHA256
30d48a7e45bc37f962aa8c05f7f3a13ac0d7e82b844eab4f36992acb3ff8d0a6
-
SHA512
5209ff96fbe8992ba9b5a37bb7ca759004ec1e51f09d9606da113668f1e129b95fece92ada50062a457c3052da7cce5a7cd132e500611f196274bc79e3d1c2ae
-
SSDEEP
49152:wnH3qnGeO8p9g0RWYD89NmQ3+Xa/ftxJEzmh8ezDJFpkCHI8IaGrpeJH2B:hpOYyNmQ3ZXtjEilD2Co8m
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Downloads MZ/PE file
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-