General
-
Target
041a49bcc35e32f6f4eb75de79539f19ecf6fd7b9313934d5c5ac4241de293ec
-
Size
286KB
-
Sample
250202-lazeysvnfz
-
MD5
d51bfb82f180b7607884f4bf224a53d9
-
SHA1
44d9b8334fd14583dd6cf43d21fb6712a5b85004
-
SHA256
041a49bcc35e32f6f4eb75de79539f19ecf6fd7b9313934d5c5ac4241de293ec
-
SHA512
df5729fc2eacb492a381b30e3af6ae8d19831f3bdeec4cbdbdf9ff470e35810882498c4a971cf5a3415b0ec65ee9cb2671d7c4390fd1e610d5e5d874466de894
-
SSDEEP
6144:S7gKNkhSRPAkHouyXnZhB+h8WHlBV+UdvrEFp7hK86:S7gKNkhmP+uyXnPB+h8WHlBjvrEH7/6
Malware Config
Targets
-
-
Target
041a49bcc35e32f6f4eb75de79539f19ecf6fd7b9313934d5c5ac4241de293ec
-
Size
286KB
-
MD5
d51bfb82f180b7607884f4bf224a53d9
-
SHA1
44d9b8334fd14583dd6cf43d21fb6712a5b85004
-
SHA256
041a49bcc35e32f6f4eb75de79539f19ecf6fd7b9313934d5c5ac4241de293ec
-
SHA512
df5729fc2eacb492a381b30e3af6ae8d19831f3bdeec4cbdbdf9ff470e35810882498c4a971cf5a3415b0ec65ee9cb2671d7c4390fd1e610d5e5d874466de894
-
SSDEEP
6144:S7gKNkhSRPAkHouyXnZhB+h8WHlBV+UdvrEFp7hK86:S7gKNkhmP+uyXnPB+h8WHlBjvrEH7/6
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-