General
-
Target
2025-02-03_d1211e3ecf2589d54ed35820b7bae015_bkransomware_floxif
-
Size
3.5MB
-
Sample
250203-pterfa1lh1
-
MD5
d1211e3ecf2589d54ed35820b7bae015
-
SHA1
7030d5eae5efc71fbcc047ff8ae058f1a7ceff9e
-
SHA256
9c46a8c4aa9f94cb7839ab99b2b4756bc06cfcf512aa3a27931096f9335148eb
-
SHA512
1048fed9dd026ccc73a771a818ae49bb04f42bd495fa6d5ca5f35bd40248769f499591f3edc6dea8a2e14427060660be7b88bbf1cdf3a56eb53979b724e01f55
-
SSDEEP
98304:UJtSIsHXa+8y3LuJr7e9Zf15s6GGKdjSFLOAkGkzdnEVomFHKnPgTG:UJ2xHbuJGLGGKdWFLOyomFHKnPg6
Malware Config
Targets
-
-
Target
2025-02-03_d1211e3ecf2589d54ed35820b7bae015_bkransomware_floxif
-
Size
3.5MB
-
MD5
d1211e3ecf2589d54ed35820b7bae015
-
SHA1
7030d5eae5efc71fbcc047ff8ae058f1a7ceff9e
-
SHA256
9c46a8c4aa9f94cb7839ab99b2b4756bc06cfcf512aa3a27931096f9335148eb
-
SHA512
1048fed9dd026ccc73a771a818ae49bb04f42bd495fa6d5ca5f35bd40248769f499591f3edc6dea8a2e14427060660be7b88bbf1cdf3a56eb53979b724e01f55
-
SSDEEP
98304:UJtSIsHXa+8y3LuJr7e9Zf15s6GGKdjSFLOAkGkzdnEVomFHKnPgTG:UJ2xHbuJGLGGKdWFLOyomFHKnPg6
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-