General
-
Target
2025-02-02_c7e0c4fa2370053578d91fc2f35ca76d_bkransomware_floxif
-
Size
275KB
-
Sample
250202-vzpfqatncr
-
MD5
c7e0c4fa2370053578d91fc2f35ca76d
-
SHA1
15be5145c2fc51408e7632b6d31a9923f2ba4576
-
SHA256
4ab27f2b61117185f5835701e749ee5b950c81992806b46f16442a5e2f2efe0b
-
SHA512
dd55b30e347b8aee4a6b0fb7a648a08f8b7ba7a0c01adcbdcea523b4f2dd2195b595691fc3783dd36c2206a90ce55fdaae6489e9b3bd449ebb504f20a05669d6
-
SSDEEP
6144:9+VSF60OhHLjv1nt3KPBV+UdvrEFp7hKf0:9+AF63HLpnJKPBjvrEH7A0
Static task
static1
Behavioral task
behavioral1
Sample
2025-02-02_c7e0c4fa2370053578d91fc2f35ca76d_bkransomware_floxif.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2025-02-02_c7e0c4fa2370053578d91fc2f35ca76d_bkransomware_floxif.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
-
Target
2025-02-02_c7e0c4fa2370053578d91fc2f35ca76d_bkransomware_floxif
-
Floxif family
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-