General
-
Target
18cc698ce5767942e4d046b432e8d1da9f923277890d37aab2756354a7261f12N.exe
-
Size
438KB
-
Sample
250122-xtq4ga1qfr
-
MD5
dbc42c77aeca164f0738ce95381b7e50
-
SHA1
a3dff0de1ced8e2dd60d069d51082b85351404d6
-
SHA256
18cc698ce5767942e4d046b432e8d1da9f923277890d37aab2756354a7261f12
-
SHA512
81bef66ea9710bab0b2165193158c39783c528a60249b4d9d00c0b90cbea790c9e13ceff0fe8fd42f2909be4dfaf619abd25cc5ed7ef1e122f1236d6341e2b45
-
SSDEEP
6144:JN4v63b9AM0LyQZaqSgxAdGoQDGR9MhJiy/lqBVqAOzZ17BV+UdvrEFp7hKRZ:34v65AllEAGRF4l/JBjvrEH7kZ
Malware Config
Targets
-
-
Target
18cc698ce5767942e4d046b432e8d1da9f923277890d37aab2756354a7261f12N.exe
-
Size
438KB
-
MD5
dbc42c77aeca164f0738ce95381b7e50
-
SHA1
a3dff0de1ced8e2dd60d069d51082b85351404d6
-
SHA256
18cc698ce5767942e4d046b432e8d1da9f923277890d37aab2756354a7261f12
-
SHA512
81bef66ea9710bab0b2165193158c39783c528a60249b4d9d00c0b90cbea790c9e13ceff0fe8fd42f2909be4dfaf619abd25cc5ed7ef1e122f1236d6341e2b45
-
SSDEEP
6144:JN4v63b9AM0LyQZaqSgxAdGoQDGR9MhJiy/lqBVqAOzZ17BV+UdvrEFp7hKRZ:34v65AllEAGRF4l/JBjvrEH7kZ
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-