General
-
Target
9446da8f41a591dfda140903b252bdcc02d4d43167ea3a0535b08e8356cda4c7N.exe
-
Size
1.8MB
-
Sample
250202-mp3xcsxqft
-
MD5
5c84a270f4cc32e915f4433af19ff2c0
-
SHA1
961dc1dc6d85e8af19dc19267f56cd95b26837ee
-
SHA256
9446da8f41a591dfda140903b252bdcc02d4d43167ea3a0535b08e8356cda4c7
-
SHA512
b7e6ae173ea42a159747dd64a1dd5d3cd1bda5780cabc92f711d60b5d52847c8dca06027d00ca64134bae7676d8d3dc31968750b97cacd0edde851ef26bf6e93
-
SSDEEP
49152:x78DVIs6EsAcq3F4ye5Ealk5uWlCZV2zpf0P4Q/tjhXq:xgI3a53F4ye53k5uWYvWfWjw
Malware Config
Targets
-
-
Target
9446da8f41a591dfda140903b252bdcc02d4d43167ea3a0535b08e8356cda4c7N.exe
-
Size
1.8MB
-
MD5
5c84a270f4cc32e915f4433af19ff2c0
-
SHA1
961dc1dc6d85e8af19dc19267f56cd95b26837ee
-
SHA256
9446da8f41a591dfda140903b252bdcc02d4d43167ea3a0535b08e8356cda4c7
-
SHA512
b7e6ae173ea42a159747dd64a1dd5d3cd1bda5780cabc92f711d60b5d52847c8dca06027d00ca64134bae7676d8d3dc31968750b97cacd0edde851ef26bf6e93
-
SSDEEP
49152:x78DVIs6EsAcq3F4ye5Ealk5uWlCZV2zpf0P4Q/tjhXq:xgI3a53F4ye53k5uWYvWfWjw
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-