General
-
Target
3752f675c8976942ede3cc8550ce51c88fe4077096c2b8eb0898ad385f97a031
-
Size
3.7MB
-
Sample
250123-2arywaxqej
-
MD5
7a5c8f7d07c79ce099f53c380f12d8a2
-
SHA1
95afdcba1940eb1d949cfa22c4cb763ba3334957
-
SHA256
3752f675c8976942ede3cc8550ce51c88fe4077096c2b8eb0898ad385f97a031
-
SHA512
ef3537a1771d02abd0a2334e94bf66c3daceea10140b5ee4df3cb2b0f016e964c3013d7ef689c3839c95a092a56ff4df08d504835775e4a35fd8e90f0d9fd5ea
-
SSDEEP
49152:rI1u3rxVQRnU+VawzUeSk0ZzdMbQ0uCJymvANzfU+y81CPwDvt3uFY8C++G+B/mh:rI1uMbZcRU+N1CPwDvt3uFY8Cm
Malware Config
Targets
-
-
Target
3752f675c8976942ede3cc8550ce51c88fe4077096c2b8eb0898ad385f97a031
-
Size
3.7MB
-
MD5
7a5c8f7d07c79ce099f53c380f12d8a2
-
SHA1
95afdcba1940eb1d949cfa22c4cb763ba3334957
-
SHA256
3752f675c8976942ede3cc8550ce51c88fe4077096c2b8eb0898ad385f97a031
-
SHA512
ef3537a1771d02abd0a2334e94bf66c3daceea10140b5ee4df3cb2b0f016e964c3013d7ef689c3839c95a092a56ff4df08d504835775e4a35fd8e90f0d9fd5ea
-
SSDEEP
49152:rI1u3rxVQRnU+VawzUeSk0ZzdMbQ0uCJymvANzfU+y81CPwDvt3uFY8C++G+B/mh:rI1uMbZcRU+N1CPwDvt3uFY8Cm
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-