General
-
Target
a571ce5f13cff3923aac4b1379efe6eccc88ad58a653ce85aa9640291d74bf19
-
Size
2.0MB
-
Sample
250207-d572ksypal
-
MD5
47d32c933a4a693d68bd57aa305b4c32
-
SHA1
40a62e4486f7ff33268326c7db304997459eab68
-
SHA256
a571ce5f13cff3923aac4b1379efe6eccc88ad58a653ce85aa9640291d74bf19
-
SHA512
dadd6eb0a2db810ee07e341538089cd3c1c95b6c4353d1ec0527be2222f5fddc65a2e309bb5c2906207e684e6d00fe24fc6941b8f25b184b516fd99ce6c44aa3
-
SSDEEP
49152:jio6pWgAw3G+ZDYolW9Y3OqkWXNc3lfF9iLPOmtBZ8rIy1cgD5jHmX:jApWIGOTW9Y3OqkWXNc3lfFAtH8rIy14
Malware Config
Targets
-
-
Target
a571ce5f13cff3923aac4b1379efe6eccc88ad58a653ce85aa9640291d74bf19
-
Size
2.0MB
-
MD5
47d32c933a4a693d68bd57aa305b4c32
-
SHA1
40a62e4486f7ff33268326c7db304997459eab68
-
SHA256
a571ce5f13cff3923aac4b1379efe6eccc88ad58a653ce85aa9640291d74bf19
-
SHA512
dadd6eb0a2db810ee07e341538089cd3c1c95b6c4353d1ec0527be2222f5fddc65a2e309bb5c2906207e684e6d00fe24fc6941b8f25b184b516fd99ce6c44aa3
-
SSDEEP
49152:jio6pWgAw3G+ZDYolW9Y3OqkWXNc3lfF9iLPOmtBZ8rIy1cgD5jHmX:jApWIGOTW9Y3OqkWXNc3lfFAtH8rIy14
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-