General
-
Target
cc3c2a5c3de8a5cd42b0e7af7106f8d82aead2608aea4beb3866ed7a94d72456
-
Size
213KB
-
Sample
250205-e2a34s1nbj
-
MD5
a0d9c7e19ad7567a8181ec40a637c36e
-
SHA1
19547ee65f4c7ba3c33c4eb789e8252e35a786d0
-
SHA256
cc3c2a5c3de8a5cd42b0e7af7106f8d82aead2608aea4beb3866ed7a94d72456
-
SHA512
2dbb758b7f7d190cfbffb20c1b815621692f352073d384ed4d6fb8c27a05c55c95586ae8f57cfac240ea58e5ad65752e3dfc14f49efdba5e29770129537cf6f9
-
SSDEEP
6144:L57SdQ6mCtnRPF9cCGr/uHkBV+UdvrEFp7hKbd:L57inRNh4uHkBjvrEH72d
Malware Config
Targets
-
-
Target
cc3c2a5c3de8a5cd42b0e7af7106f8d82aead2608aea4beb3866ed7a94d72456
-
Size
213KB
-
MD5
a0d9c7e19ad7567a8181ec40a637c36e
-
SHA1
19547ee65f4c7ba3c33c4eb789e8252e35a786d0
-
SHA256
cc3c2a5c3de8a5cd42b0e7af7106f8d82aead2608aea4beb3866ed7a94d72456
-
SHA512
2dbb758b7f7d190cfbffb20c1b815621692f352073d384ed4d6fb8c27a05c55c95586ae8f57cfac240ea58e5ad65752e3dfc14f49efdba5e29770129537cf6f9
-
SSDEEP
6144:L57SdQ6mCtnRPF9cCGr/uHkBV+UdvrEFp7hKbd:L57inRNh4uHkBjvrEH72d
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-