General
-
Target
180a5056261a5909d36311f5e4e80b36c9a485fdb36fe08ad14723933fb9de82N.exe
-
Size
828KB
-
Sample
250127-lmx3natmcj
-
MD5
4a6089ff0c9e02049cc5cb9fdbbfcbc0
-
SHA1
3dd0168e95acbc2b24b6fdcae1a7e8fad5c1a678
-
SHA256
180a5056261a5909d36311f5e4e80b36c9a485fdb36fe08ad14723933fb9de82
-
SHA512
2a47b744940127d270e86382b8931f91f5cda3b8c451c582f36d7a1126b47df448cd849d9c7048ae9358a3d104ca5d5b7297aa6cdb22a30636eeef3b6b88de97
-
SSDEEP
12288:YaWzgMV7v36oCi3ErQohh0F4wCJ8lnyrQELlmo/4jSO9fgCBjvrEH7jp:PaHVvQzrjInyrQELX/eB9fHrEH7jp
Malware Config
Targets
-
-
Target
180a5056261a5909d36311f5e4e80b36c9a485fdb36fe08ad14723933fb9de82N.exe
-
Size
828KB
-
MD5
4a6089ff0c9e02049cc5cb9fdbbfcbc0
-
SHA1
3dd0168e95acbc2b24b6fdcae1a7e8fad5c1a678
-
SHA256
180a5056261a5909d36311f5e4e80b36c9a485fdb36fe08ad14723933fb9de82
-
SHA512
2a47b744940127d270e86382b8931f91f5cda3b8c451c582f36d7a1126b47df448cd849d9c7048ae9358a3d104ca5d5b7297aa6cdb22a30636eeef3b6b88de97
-
SSDEEP
12288:YaWzgMV7v36oCi3ErQohh0F4wCJ8lnyrQELlmo/4jSO9fgCBjvrEH7jp:PaHVvQzrjInyrQELX/eB9fHrEH7jp
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-