General
-
Target
2798895139e07570a474ad281dafe76ef8a4b790eb75a38d0f5bc5c510e3f9aeN.exe
-
Size
133KB
-
Sample
250127-bhytaatpen
-
MD5
1aedc732f941d3cf8d46a8bea3074d50
-
SHA1
fb8ddeacb5831ab1f02ba363e7b53f944e6eaa2e
-
SHA256
2798895139e07570a474ad281dafe76ef8a4b790eb75a38d0f5bc5c510e3f9ae
-
SHA512
aabb5c3dd1f207e9b841d6977adaf856ba31243af2fa410653c826ef84b5fa56fe5b3e8badd7090b6a7c87fcd531a6da24285f5154ff7cdf7f11d09b6bf50759
-
SSDEEP
1536:LqqatVB9aUVvv/7gppx2+XTN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQ9F:kh3/qx2+52lQBV+UdE+rECWp7hKwldSY
Malware Config
Targets
-
-
Target
2798895139e07570a474ad281dafe76ef8a4b790eb75a38d0f5bc5c510e3f9aeN.exe
-
Size
133KB
-
MD5
1aedc732f941d3cf8d46a8bea3074d50
-
SHA1
fb8ddeacb5831ab1f02ba363e7b53f944e6eaa2e
-
SHA256
2798895139e07570a474ad281dafe76ef8a4b790eb75a38d0f5bc5c510e3f9ae
-
SHA512
aabb5c3dd1f207e9b841d6977adaf856ba31243af2fa410653c826ef84b5fa56fe5b3e8badd7090b6a7c87fcd531a6da24285f5154ff7cdf7f11d09b6bf50759
-
SSDEEP
1536:LqqatVB9aUVvv/7gppx2+XTN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQ9F:kh3/qx2+52lQBV+UdE+rECWp7hKwldSY
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-