General
-
Target
2025-01-28_8151ddfe3c9a90fbef4d064a8912e772_bkransomware_floxif
-
Size
810KB
-
Sample
250128-ccxvgatndr
-
MD5
8151ddfe3c9a90fbef4d064a8912e772
-
SHA1
63d05a974b0972501881d9f4a09773ed0e51e4c1
-
SHA256
4724b7b26f08518e125265bd2f8ea1958d970388bdac0cab8f40dc7ebed5bd99
-
SHA512
be3fc63a91804801f04ad6b1378dee3df2bd2250816250084f743c72517d743f2d0f4cbe425909dca28bc7596ea26c5739c434fa4db329174e7326bda10b2d08
-
SSDEEP
24576:8Ke0obHxcNH9OhQATWNsHaVaOm1bNGarEH7n:8mxYSAGsHaVaVhNGB
Malware Config
Targets
-
-
Target
2025-01-28_8151ddfe3c9a90fbef4d064a8912e772_bkransomware_floxif
-
Size
810KB
-
MD5
8151ddfe3c9a90fbef4d064a8912e772
-
SHA1
63d05a974b0972501881d9f4a09773ed0e51e4c1
-
SHA256
4724b7b26f08518e125265bd2f8ea1958d970388bdac0cab8f40dc7ebed5bd99
-
SHA512
be3fc63a91804801f04ad6b1378dee3df2bd2250816250084f743c72517d743f2d0f4cbe425909dca28bc7596ea26c5739c434fa4db329174e7326bda10b2d08
-
SSDEEP
24576:8Ke0obHxcNH9OhQATWNsHaVaOm1bNGarEH7n:8mxYSAGsHaVaVhNGB
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-