General
-
Target
2025-01-10_a3c0444830fffe84dc423c7524b719e9_avoslocker_cobalt-strike_floxif_luca-stealer
-
Size
224KB
-
Sample
250110-whg6ratndq
-
MD5
a3c0444830fffe84dc423c7524b719e9
-
SHA1
2e6855116150518d10bd3783f523b896db78f118
-
SHA256
f3602ba25eb85e5ce1874a9be120dac028c10d8c982b9b713e39b0369670df99
-
SHA512
6dbcbc248a910e3661987a9a84c4871f8466944d05239f70bd6489b92355dd78e43fffee5b1db684eee5a4bd4e6318f6ecd7eda6b3d2824183c8afd61bdbdadf
-
SSDEEP
6144:aya2zi7ajvRcGvCLw9hH4JdBV+UdvrEFp7hK2n:aya2zi+jvNj9hH4JdBjvrEH7L
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-10_a3c0444830fffe84dc423c7524b719e9_avoslocker_cobalt-strike_floxif_luca-stealer.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2025-01-10_a3c0444830fffe84dc423c7524b719e9_avoslocker_cobalt-strike_floxif_luca-stealer
-
Floxif family
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-