General
-
Target
10a0f8745f5f8cddb4256c91618b9e25d061cbf603f9cd105d4b371899c24b9dN.exe
-
Size
163KB
-
Sample
250202-asvnyayqar
-
MD5
ab2e5fbb7f75cb508cc8097ca74d0920
-
SHA1
edf7f8fc9bebcf20c54e3137fd2cd23f2555f9cb
-
SHA256
10a0f8745f5f8cddb4256c91618b9e25d061cbf603f9cd105d4b371899c24b9d
-
SHA512
f34565f2729e6419255783a9925346cd839dc22caac4cd1741756ab9458037fc2922e501f099f9b8c37786e919c8d59d9513e7d5c93365cb62a1fff4aabc207b
-
SSDEEP
3072:HkJU9bKpvXiMntSYN2lQBV+UdE+rECWp7hKaFmu:EJU9bKp6YxBV+UdvrEFp7hKaX
Static task
static1
Behavioral task
behavioral1
Sample
10a0f8745f5f8cddb4256c91618b9e25d061cbf603f9cd105d4b371899c24b9dN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
10a0f8745f5f8cddb4256c91618b9e25d061cbf603f9cd105d4b371899c24b9dN.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
Target
10a0f8745f5f8cddb4256c91618b9e25d061cbf603f9cd105d4b371899c24b9dN.exe
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-