General
-
Target
b8e1be8a453d1687e36cafc4f523c604783eb68a4a9d04e58f1fe4204eb77cfbN.exe
-
Size
654KB
-
Sample
250121-qc3ydavmat
-
MD5
fdf6f889a2b46518925df31371d8a1b0
-
SHA1
1e70ceee45f109b04328f0a8aac42bc67e35b394
-
SHA256
b8e1be8a453d1687e36cafc4f523c604783eb68a4a9d04e58f1fe4204eb77cfb
-
SHA512
bcb8720603222c7c99c0b5ffa24b8dfa76f30590e69736c64e3460daaede3776b4f94fbf8ab3bbb1a3feb4727862f8f11666186f22383e17055808472659e2f4
-
SSDEEP
12288:HInxVTEmz2Wha8ia+7XzXqe0GAHW8MYxmc2mf8iJPsBjvrEH7i:on8m1ia+7Xz7HqW8MYxmc2K8ikrEH7i
Malware Config
Targets
-
-
Target
b8e1be8a453d1687e36cafc4f523c604783eb68a4a9d04e58f1fe4204eb77cfbN.exe
-
Size
654KB
-
MD5
fdf6f889a2b46518925df31371d8a1b0
-
SHA1
1e70ceee45f109b04328f0a8aac42bc67e35b394
-
SHA256
b8e1be8a453d1687e36cafc4f523c604783eb68a4a9d04e58f1fe4204eb77cfb
-
SHA512
bcb8720603222c7c99c0b5ffa24b8dfa76f30590e69736c64e3460daaede3776b4f94fbf8ab3bbb1a3feb4727862f8f11666186f22383e17055808472659e2f4
-
SSDEEP
12288:HInxVTEmz2Wha8ia+7XzXqe0GAHW8MYxmc2mf8iJPsBjvrEH7i:on8m1ia+7Xz7HqW8MYxmc2K8ikrEH7i
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-