General
-
Target
a617bfba14bb8a936ed86d83e75b1c89f30cf0becb04608293177a3480d48856
-
Size
140KB
-
Sample
250110-gfzwfstqbz
-
MD5
9385d075b594e4b34bc2cb2b5cfd1ab9
-
SHA1
94d1542ec26bf6f4d878a63e1d7e8d4d1887b502
-
SHA256
a617bfba14bb8a936ed86d83e75b1c89f30cf0becb04608293177a3480d48856
-
SHA512
b9b7ffe73063213f7e57caaab563bf2dc36e16b4f5085b6377432a4811e91122b68800b28b1e7451570811c07f75a73f730eb045138a603076c4020b01328ccc
-
SSDEEP
3072:aPkeZhdmOFOM+G8bh2lQBV+UdE+rECWp7hKk7s8x:deTVFOM+n1BV+UdvrEFp7hKTm
Malware Config
Targets
-
-
Target
a617bfba14bb8a936ed86d83e75b1c89f30cf0becb04608293177a3480d48856
-
Size
140KB
-
MD5
9385d075b594e4b34bc2cb2b5cfd1ab9
-
SHA1
94d1542ec26bf6f4d878a63e1d7e8d4d1887b502
-
SHA256
a617bfba14bb8a936ed86d83e75b1c89f30cf0becb04608293177a3480d48856
-
SHA512
b9b7ffe73063213f7e57caaab563bf2dc36e16b4f5085b6377432a4811e91122b68800b28b1e7451570811c07f75a73f730eb045138a603076c4020b01328ccc
-
SSDEEP
3072:aPkeZhdmOFOM+G8bh2lQBV+UdE+rECWp7hKk7s8x:deTVFOM+n1BV+UdvrEFp7hKTm
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-