General
-
Target
ce07efcb025b4db19acbc81e4adf866192c720ca38a60eb1ff2f4ad60056aec7N.exe
-
Size
962KB
-
Sample
250205-awc83a1rgq
-
MD5
52aa132b9e0a0f6f4667af56be100c30
-
SHA1
ef919c67819647edb02c4cbca2751015b5e0eed4
-
SHA256
ce07efcb025b4db19acbc81e4adf866192c720ca38a60eb1ff2f4ad60056aec7
-
SHA512
517e94293d1bdc78d29fc8ba7e0a72217b56fc27079e6995da692760aab7fca75349fe8ee4eb886d14af399d9b2956c71731e0b65475383d84dfe98edcad5a5a
-
SSDEEP
24576:bqNAogNi7/VxMAA4LVL8pJsv6tWKFdu9CcuuKTr9zORCrEH7p:GEiRx1b9GJsv6tWKFdu9CtuKTJzI
Malware Config
Targets
-
-
Target
ce07efcb025b4db19acbc81e4adf866192c720ca38a60eb1ff2f4ad60056aec7N.exe
-
Size
962KB
-
MD5
52aa132b9e0a0f6f4667af56be100c30
-
SHA1
ef919c67819647edb02c4cbca2751015b5e0eed4
-
SHA256
ce07efcb025b4db19acbc81e4adf866192c720ca38a60eb1ff2f4ad60056aec7
-
SHA512
517e94293d1bdc78d29fc8ba7e0a72217b56fc27079e6995da692760aab7fca75349fe8ee4eb886d14af399d9b2956c71731e0b65475383d84dfe98edcad5a5a
-
SSDEEP
24576:bqNAogNi7/VxMAA4LVL8pJsv6tWKFdu9CcuuKTr9zORCrEH7p:GEiRx1b9GJsv6tWKFdu9CtuKTJzI
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-