General

  • Target

    439fa40357463de5760a2072979672a5750061ce65250b1792bec3e290cfdf9d

  • Size

    943KB

  • Sample

    250129-kpp96asraw

  • MD5

    e30a45f98487f37459daeb1179155579

  • SHA1

    7b0facfa29841af1fe05fec3d77717d2ef08891a

  • SHA256

    439fa40357463de5760a2072979672a5750061ce65250b1792bec3e290cfdf9d

  • SHA512

    254d65419735abd4f3c8dde64024af017ff0c11e22f51167ce6e68afebfb36f73882f956c970e6977c9356743b686284416588ab6f5e8c550ae0a2e2e5393363

  • SSDEEP

    24576:uOo5yT/tMbHWc8eC9UqOUk12+lm/HIpUqpZ1kVlFo1U4uTrEH72H:uOowTKbHqScBInpLkDGduh

Targets

    • Floxif family

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
