Sandbox analysis report: Pixel Firm (Pixel Shop Remix).sb3

Every task in this report ran on windows11-21h2-x64. The project archive was analysed statically and then each file extracted from it (project.json plus the hash-named png, svg and wav assets) was submitted as its own behavioral task; the full file names appear with the behavioral tasks below.
General

- Target: Pixel Firm (Pixel Shop Remix).sb3
- Size: 2.0MB
- Sample: 250207-h3m1vavmhm
- MD5: d0b106eb48239091954c100cae4c471c
- SHA1: e3484c2ca2363168fcea8675ceb66fa7ebcc18ad
- SHA256: 9173e9ef902be1dd114e2266ffa40de382e1664cbb144df862e1248b85624133
- SHA512: 3649aab36e9a67e63a645e616d3b89ada8a75661b4be5ccd8395b03a22626389f8ab4b078ed8e1053ed4528c1179c6691b851ebea2f48f1da1dfa20e7ca8bed3
- SSDEEP: 49152:+lpAdK6OVyIj6aa/umkp2I4wfOAhhnhh0tKfGO/p6Bqh7ua:+bAdhWmvumw2nw2AhhQ4fV6YFua
Tasks

Static task: static1

Behavioral tasks (task: sample, VM image). behavioral1 ran the project archive itself (submitted under a .zip name); behavioral2 through behavioral24 ran the individual files extracted from it.

- behavioral1: Pixel Firm (Pixel Shop Remix).zip, win11-20241023-de
- behavioral2: 029eba5f696a79d7afe64c7c33e25468.png, win11-20241007-de
- behavioral3: 26b75430914f6470d475161f1d412359.png, win11-20241007-de
- behavioral4: 2e6c645f2ef2d4fad4bfa6bc7b9f4c4a.svg, win11-20241007-de
- behavioral5: 39c3553c73f984144931c1576e3e0085.svg, win11-20241007-de
- behavioral6: 3ae121120dedf903a043b7a040049620.wav, win11-20241007-de
- behavioral7: 441d10a288265ee57f3b707c3bdfda08.svg, win11-20241023-de
- behavioral8: 6474b710d50120b4d906b2645f1328b0.svg, win11-20241007-de
- behavioral9: 6ed6d8a8e3d96ccf6f4e75d2848d29bf.png, win11-20241007-de
- behavioral10: 747c1b576f350df4cfd6cc07055cd4b9.png, win11-20241007-de
- behavioral11: 83a9787d4cb6f3b7632b4ddfebf74367.wav, win11-20241007-de
- behavioral12: 83c36d806dc92327b9e7049a565c6bff.wav, win11-20241007-de
- behavioral13: 9d89e27da905e4ce9c76b66f0a905c1f.png, win11-20241007-de
- behavioral14: a1892a9c76790b7be4707add30384d8e.png, win11-20241007-de
- behavioral15: a1f941cd04924aff380ef6f30ee42829.png, win11-20241007-de
- behavioral16: b61b1077b0ea1931abee9dbbfa7903ff.png, win11-20241007-de
- behavioral17: b7affffe5a4f8d94c45570fbf2cdd5cf.svg, win11-20241007-de
- behavioral18: be386d46002a638111d8926ac561c82b.png, win11-20241007-de
- behavioral19: c0787d4875aac1ae138e43cb9b086d6f.wav, win11-20241007-de
- behavioral20: d9a7d9c3ed551e7c59e40355d2d4bb71.svg, win11-20241007-de
- behavioral21: e71ee248e312e7594ba9ff2e43147455.png, win11-20241007-de
- behavioral22: e73f69c9601eb421eb5d85dcb9217f03.wav, win11-20241007-de
- behavioral23: f32620d2f215d5b6648be028be4cc079.svg, win11-20241007-de
- behavioral24: project.json, win11-20241007-de
Malware Config: no entries.

Targets

Scores and signatures are per task. Only the archive task (behavioral1) produced the Floxif, WinLogon, dropped-EXE and network signatures listed under the first target; the 24 files extracted from the archive are project.json and hash-named png, svg and wav assets, none of which is a Windows executable, and none of them reproduces those signatures. The wav tasks score 6/10 on two generic host-activity signatures (desktop.ini drops and drive enumeration) that describe what the process which opened the file did inside the VM, not code carried by a wav file. Check the archive's members against the Scratch asset convention (each asset is named by the MD5 of its content, as the hashes below confirm) before treating the project file itself as the carrier of the behaviour attributed to it.

Target: Pixel Firm (Pixel Shop Remix).sb3
- Size: 2.0MB
- MD5: d0b106eb48239091954c100cae4c471c
- SHA1: e3484c2ca2363168fcea8675ceb66fa7ebcc18ad
- SHA256: 9173e9ef902be1dd114e2266ffa40de382e1664cbb144df862e1248b85624133
- SHA512: 3649aab36e9a67e63a645e616d3b89ada8a75661b4be5ccd8395b03a22626389f8ab4b078ed8e1053ed4528c1179c6691b851ebea2f48f1da1dfa20e7ca8bed3
- SSDEEP: 49152:+lpAdK6OVyIj6aa/umkp2I4wfOAhhnhh0tKfGO/p6Bqh7ua:+bAdhWmvumw2nw2AhhQ4fV6YFua
- Signatures:
  - Floxif family
  - Modifies WinLogon for persistence
  - Detects Floxif payload
  - Contacts a large number (1299) of remote hosts: may indicate a network scan to discover remotely running services.
  - Downloads MZ/PE file
  - Manipulates digital signatures: attackers can alter the registry keys that configure Authenticode and Cryptography (SIP and trust-provider entries) so that their binary is reported as validly signed.
  - ACProtect 1.3x - 1.4x DLL software: detects a file protected with ACProtect.
  - Executes dropped EXE
  - Impair Defenses: Safe Mode Boot
  - Loads dropped DLL
  - Modifies system executable filetype association
  - Adds Run key to start application
  - Legitimate hosting services abused for malware hosting/C2
  - Modifies WinLogon
  - Drops file in System32 directory
Target: 029eba5f696a79d7afe64c7c33e25468.png
- Size: 193B
- MD5: 029eba5f696a79d7afe64c7c33e25468
- SHA1: a95b5fca76144a1b0799274d53504fa97b08bb3f
- SHA256: 1e77ddbd35ab8510afdd4be11c813ace1ae4480c25b066ff7a6719821fbac652
- SHA512: 1a8744c8505e1cf3b411d0ee7b5c91ae0131a60acc692b564c139ee9e035c93755356fcc14b2d913f17fb5c7e42e4353129c36665671e6f4652890b4a74e94da
- Score: 1/10

Target: 26b75430914f6470d475161f1d412359.png
- Size: 136B
- MD5: 26b75430914f6470d475161f1d412359
- SHA1: 812d908b8eec7798f1655d24547eec92ccb694e7
- SHA256: 7adb7114aa0ba784949976cec4a109cc786869533fdfc34a700c5fc1fabab421
- SHA512: 933b791f3d8c96dedb2b24c60252f641e46074f81088048185be0d3841c7a5b539f3c1ae41837ba2291afeee0886521d14459d9265abc5b8c91a5cd6113f48e7
- Score: 1/10

Target: 2e6c645f2ef2d4fad4bfa6bc7b9f4c4a.svg
- Size: 1KB
- MD5: 2e6c645f2ef2d4fad4bfa6bc7b9f4c4a
- SHA1: d1c2238945c6a6652c49c6be9cc8f0c539a6a16f
- SHA256: 07fdb57ddc68700e3c371328dbf9f4eb1ea7919c35be3824090e37a4220cb057
- SHA512: f66e1ea6542d61294323515351978d980cd7b0977fdbb9c9d5b1d21c47d12115b8e21c9de7e17827910202ad15f1864bcb9f65bcd96c99a324e9357a3d832993
- Score: 1/10

Target: 39c3553c73f984144931c1576e3e0085.svg
- Size: 1KB
- MD5: 39c3553c73f984144931c1576e3e0085
- SHA1: 5ffdeca73c7c014d3545d03bcd5c6176dd5553e7
- SHA256: 764d528b5071c801b04d7bce02b1558b9ec569b0bbf906e6337ab878a24d6ee1
- SHA512: 20c1229fc17f1ed1568cfec1801bdb89fb5b6336a6fb5aa3cddb5ed8da046ca1e6c6377f805b1110a68ea5943521957819401053f17b4daf1384afe21d8a1e8c
- Score: 1/10

Target: 3ae121120dedf903a043b7a040049620.wav
- Size: 2.2MB
- MD5: 3ae121120dedf903a043b7a040049620
- SHA1: a86afd3db16d33375193cb7776a92c3ba05efcb4
- SHA256: 2713b3e0db410a9b2832d05ae43453ef68c9bf9c11f8c9aa4f69061c15de0a18
- SHA512: 338d95168b3e2873696c897188bf2cf7012ed589b2a86e39355bde69bae6b23065490d4237ccef3a58f8ed678bbe5e6b10dae397b6892e660ae55978ba3beac4
- SSDEEP: 49152:7qzQg3dO9LoWgOBjv4HdJE0nrHDGJRU/KUSKO:7az3wLoWJt0nrHDGQ1
- Score: 6/10
- Signatures:
  - Drops desktop.ini file(s)
  - Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

Target: 441d10a288265ee57f3b707c3bdfda08.svg
- Size: 2KB
- MD5: 441d10a288265ee57f3b707c3bdfda08
- SHA1: d1ed0c29483d7c6ef80810f410466b2ef15f9fb1
- SHA256: 1c8da0182ae7e5ee99ec4373b9bc2111fe853c1961db27c25884dcc87a712990
- SHA512: 0853e81cae346826021cb97a25f2cc3dca041e620ea98477f2fc32f8c204039c471d36afcea9858a36824171e559040cd8f0fd85ba3aefdfefef8f0e20713b24
- Score: 1/10

Target: 6474b710d50120b4d906b2645f1328b0.svg
- Size: 1KB
- MD5: 6474b710d50120b4d906b2645f1328b0
- SHA1: 4647a6c7a9e38720d1d15e541eecf668a07b94ba
- SHA256: 7b99b26a662d967154a4c7d04d4fd3beb6c61635918de774fecb31fcab5f3c74
- SHA512: 1b662f96706202080edc2d1186f1fe798c165c3de8bd9bde1a38ae35ef3f431f704bdbbc4c5bb18c7b3a30e6d34bab20368fa5a62b535ba2f486e942abc2c2ce
- Score: 1/10

Target: 6ed6d8a8e3d96ccf6f4e75d2848d29bf.png
- Size: 621B
- MD5: 6ed6d8a8e3d96ccf6f4e75d2848d29bf
- SHA1: 1188a86ac5f5bbc315a256f06069e3d78e3fd685
- SHA256: 4a65f5666997496e56138f774d9f15b4f8298d17a772ec523b9ce797372e7f04
- SHA512: 7dca6066dc1860184c22aa37748076a615e054c6b318c82959f3d7bbd2ca28fee1b6868015808e0b2e09481c257c1876f4304992758f641db65387f4e24a0e49
- Score: 1/10

Target: 747c1b576f350df4cfd6cc07055cd4b9.png
- Size: 367B
- MD5: 747c1b576f350df4cfd6cc07055cd4b9
- SHA1: 84dd7162c6b47729fad212b24903386089579f81
- SHA256: e2899d76da65a2126b16d271351791474d97b28ff89709f1345418fbe28c2094
- SHA512: 0d6b0950a5d7b6f2642130db793a79a5bbdf644a0c0519d07feda2be87d5540090ceb274f58892dd52fa2d876317e8c507ed171e6aff1fc79f2a79eaa0805f77
- Score: 1/10

Target: 83a9787d4cb6f3b7632b4ddfebf74367.wav
- Size: 560B
- MD5: 83a9787d4cb6f3b7632b4ddfebf74367
- SHA1: 0f21d1f3fe04a9843413c3fb35cd7a01ffde632f
- SHA256: fb8c18242813d8763cccf5f6077daf44b672d0088f5d3688cca29d621b4959cc
- SHA512: c77fb51a78c3928a7567ebca53f1f38ad4c93a2b4f63a25056ff11527a390fbb595ee371c17f015ffb7458f154424e0eb733ff3e6c9514d35863c053b54e919a
- Score: 6/10
- Signatures:
  - Drops desktop.ini file(s)
  - Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

Target: 83c36d806dc92327b9e7049a565c6bff.wav
- Size: 36KB
- MD5: 83c36d806dc92327b9e7049a565c6bff
- SHA1: 130e24c26b34bda9c0d5dd66c721c94d563b31bd
- SHA256: 427afe9d62874d41401d01558d48bec98f26d675e4480b073835576ed1ff499d
- SHA512: cf38e2bdf80e4711b759994b0ca8da631eeb11be8bdcbd39c76947d1729951d6a36b1cfd2dff6e55b7deb84e74aa6c46df0bfdbb182ee29c2a1f2d1094b1e319
- SSDEEP: 768:bvgXpAqmp5xPlFzMWHxgFVrc+hEfB4C7fGItV5cWBcKTz5qMR+:bYXpaHXzMnFtcdBz5tvZiKf5t
- Score: 6/10
- Signatures:
  - Drops desktop.ini file(s)
  - Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

Target: 9d89e27da905e4ce9c76b66f0a905c1f.png
- Size: 4KB
- MD5: 9d89e27da905e4ce9c76b66f0a905c1f
- SHA1: c74024fc4e10e14c3fec6dbc13a8fbf57b310fbb
- SHA256: b6baf6f1617e78948254d801ac4abc23d84e3b45d03aa4c039c0085618afce94
- SHA512: 9fb5b78542db3792ca13ef7e93b3468884dea76288495fbaf9c4fd8741cd77e384438b1f1b5c5d56d080efc8b237e7ce9527e4657903487623f9c259102448fd
- SSDEEP: 96:j3prC0RQX69zdHGGCkljIfNDwYPq5Lee0RLsRHAkok95QcKkrakZP3OkUBgnrEPs:j3pPQK9zdHGGCkljIfNDwYPq5Lee0RLk
- Score: 1/10

Target: a1892a9c76790b7be4707add30384d8e.png
- Size: 176B
- MD5: a1892a9c76790b7be4707add30384d8e
- SHA1: 503bb4e34baad76e88db9b4e7cebb196626ad015
- SHA256: 4c60733aeded0c5b2b1fb99c33ead2adf36aa6d734b47e48ab77bfc681d442b3
- SHA512: e7ef74b8921a1f2eba9b8f14274d0069a1b689dc5777a6bbeeedd970849731b14f3225098831629a1c37bb904d1c0081fff8da33a14b9abbb7209b32149982ba
- Score: 1/10

Target: a1f941cd04924aff380ef6f30ee42829.png
- Size: 135B
- MD5: a1f941cd04924aff380ef6f30ee42829
- SHA1: 7b44486ffec7d4a455f2e667a2c58305f41980d2
- SHA256: 50a29b28bc8f521d9970e10337b71e7f7c722945f7cab8d3e0798bb8ae1359be
- SHA512: 0afb1d505a7e47f1aa132a5abe4c1714f85574d460524009277c9fab99358c5fb163e0a11cc703bacafcd9bac9ff714643b15b50f61965c159f59d44786ee5b8
- Score: 1/10

Target: b61b1077b0ea1931abee9dbbfa7903ff.png
- Size: 3KB
- MD5: b61b1077b0ea1931abee9dbbfa7903ff
- SHA1: cf6baeaaf7dee4b9a70a060e53f964815a9026e0
- SHA256: 9b23fab36ea581aa70025cafd60b9e718f07604bef963a41b7969f07c974586f
- SHA512: ffeef10532837931301b8c60a8e20fa195b79195e02903b34a099480f40678c2345a8e56ff4d627a219116102a3f0cbc827cb0c410176abc2b806015a61108eb
- Score: 1/10

Target: b7affffe5a4f8d94c45570fbf2cdd5cf.svg
- Size: 1KB
- MD5: b7affffe5a4f8d94c45570fbf2cdd5cf
- SHA1: c1b033d248bda946b0accbac29cdcd1a72a8b142
- SHA256: 50fe4015705492a43105cfc80f785c4fea979bc66ba396323e245e63d317ab5d
- SHA512: bd86025f175ae03e7abd7baef7a81ca82bc0d310e3740c954f9da99f6285109166139978c1391b99af0a582e609d3ea34af7e27f3e322a8e93789714ffc5d48e
- Score: 1/10

Target: be386d46002a638111d8926ac561c82b.png
- Size: 4KB
- MD5: be386d46002a638111d8926ac561c82b
- SHA1: 39cf77e16f95dd95dfaf01511f8338a993e5826a
- SHA256: 817d9dcce9e4ef3a5787ddada851fe110d2bb2169525530659ca91a2cdacfb7a
- SHA512: 8ca2382ec438707e5fbe8090f71bce325c24e54e402f4605df49f8300de9b55d417d3e0af2fcee3000994566e523ede6f067214debaa47674f2479ea52e75b3b
- SSDEEP: 96:kHeScDTkGeScDTkGHeSDTkGHAyT7f8FgzTIcJ0YCJkxD9DTkGHeScDUcDTkGHeSy:kHeScDTkGeScDTkGHeSDTkGHAyT7f8Fo
- Score: 1/10

Target: c0787d4875aac1ae138e43cb9b086d6f.wav
- Size: 1KB
- MD5: c0787d4875aac1ae138e43cb9b086d6f
- SHA1: 0057aec829f7ae50065c22c94cd5f09f0ee5be53
- SHA256: adccd6120ba4e49441ca61d64fffee59054f15982d06d96231c4fca0a0bdd1a3
- SHA512: 0da461cd3227f2c361663dd1970f525d113cf3fa380d9547c80fc6f5689dfb7b9f8779a1aecafd939fe26edbd1f761a51a5a2f98ccdc9468e43adfd0e4e22cf1
- Score: 6/10
- Signatures:
  - Drops desktop.ini file(s)
  - Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

Target: d9a7d9c3ed551e7c59e40355d2d4bb71.svg
- Size: 1KB
- MD5: d9a7d9c3ed551e7c59e40355d2d4bb71
- SHA1: c87979821143f22a588c7adb7276fae010b5924c
- SHA256: ef7f351703a227f6a3490d6a230d1d90180373d16b975d170dc735677600f9dc
- SHA512: d6fb8a56a363f0b1526b3b8d05bb51f0c17e8885686ee902dd072f5ece38fe3a4679e69908c936d1311444dcdc8b98cad293709b93b6fc00d98405d0bf8bd3c6
- Score: 1/10

Target: e71ee248e312e7594ba9ff2e43147455.png
- Size: 134B
- MD5: e71ee248e312e7594ba9ff2e43147455
- SHA1: 47ce99388082f027a7a0fc286450ca0b1c313922
- SHA256: c3f86bd270849196ca920c6cf468aed86298e51ee6e2e9ca6499f96cb3d46cb2
- SHA512: bbd7c7acb3dc2e9a296d7f2ef84a4a58fda4fe042fd9f4346129d889f4d0988401ee26da92373e9e7e2271288fdcdafa918797f29efc0daa3b03d9b1637244a8
- Score: 1/10

Target: e73f69c9601eb421eb5d85dcb9217f03.wav
- Size: 1KB
- MD5: e73f69c9601eb421eb5d85dcb9217f03
- SHA1: ad2ee45a7e511e57162c226ae45f9f2155b221af
- SHA256: ac62d7fae9d8a2b9e65f634cc2d29aef5d6b4b7cb92c5f746f8a6d1f0d1b7908
- SHA512: 2996f5c8680729eb1d6d6cd5ff230a94f5ce2948a603a6949d7599451512c6977eec5916dac4c93eebc1917dbe510aab33a2f2b583c3ddf5cda124ac8c82bbea
- Score: 6/10
- Signatures:
  - Drops desktop.ini file(s)
  - Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

Target: f32620d2f215d5b6648be028be4cc079.svg
- Size: 3KB
- MD5: f32620d2f215d5b6648be028be4cc079
- SHA1: a325d24ba077dad17cf4443a8416a9938134fff0
- SHA256: d86ded9667e1a2345e59b3580361fdf2b3509239a614582cdb23917c6e1c8d6d
- SHA512: 0870b44eaf5a86af55d9fed19e05f35f00f27d063772f99b27bdb83a17c14eec6aa0012bec8811791c5ad065a3cbe2508e19e4618cdbe26a575e9944b7bde840
- Score: 1/10

Target: project.json
- Size: 103KB
- MD5: 5026eab3436ed2fe46fff309cdd115ba
- SHA1: a6d5fda3e24c6687337d73b0a2306fe538ffab25
- SHA256: 75e3d5219d2daf096d5730887f73f9055931e0016b0946027a74d3f77af4c4d8
- SHA512: 12bd3360d2118bbe3646116044a93d845003631db032e3e0e4f97b07657defe6b4de7ee41d99919b1c77908318e3f624a7358d0b45ef87f4f8c6b62789eb41f3
- SSDEEP: 768:r9ipyZxRDLsrPP7jfQH2yIzRO3znRog/pxdhXigl/RQn+roCWr2ql0zLR4RldGZe:ZVgKzxtPqjV+mGRU0yn+bn17B/qRn
- Score: 3/10
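The extracted files above follow the Scratch 3 asset convention: each asset is named by the MD5 of its content (029eba5f696a79d7afe64c7c33e25468.png has MD5 029eba5f696a79d7afe64c7c33e25468, and so on) and is referenced from project.json by that name. That gives an offline check that does not depend on the sandbox verdict: rebuild the asset inventory from project.json and compare it with what is actually inside the zip. The script below is an added example, not code from this report or from Scratch. The .sb3 it builds in memory is constructed (it plants a PE disguised as a .wav and an unreferenced loader.exe to show what the check catches), and the set of asset extensions Scratch is expected to write is an assumption.

```python
"""Offline integrity check of a Scratch 3 project archive (.sb3).

Added example, not code from the sandbox report or from Scratch. An .sb3 is
a zip archive holding project.json plus media assets; Scratch names every
asset "<md5 of its content>.<ext>" and lists it in project.json as "md5ext".
Rebuilding that inventory and comparing it with the archive members turns
up anything that does not belong: a member whose hash does not match its
name, a file type Scratch never writes, a PE header inside an "asset", or
a member that nothing in project.json references.
"""
import hashlib
import io
import json
import zipfile

# Assumption: the asset types a Scratch 3 project can contain (the report
# above shows png/svg/wav; jpg and mp3 are the other formats Scratch emits).
EXPECTED_EXT = {"png", "svg", "jpg", "wav", "mp3"}


def triage_sb3(data: bytes) -> dict:
    """Inspect an .sb3 given as bytes; return its asset list and findings."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        if "project.json" not in names:
            return {"assets": sorted(names),
                    "findings": ["no project.json: not a Scratch 3 project"]}
        project = json.loads(zf.read("project.json"))

        # Every costume and sound of every sprite and of the stage is listed
        # in project.json by its md5ext name.
        referenced = set()
        for target in project.get("targets", []):
            for asset in target.get("costumes", []) + target.get("sounds", []):
                if asset.get("md5ext"):
                    referenced.add(asset["md5ext"])

        for name in sorted(names - {"project.json"}):
            content = zf.read(name)
            stem, _, ext = name.rpartition(".")
            if ext.lower() not in EXPECTED_EXT:
                findings.append(f"{name}: unexpected file type '{ext}'")
            if hashlib.md5(content).hexdigest() != stem.lower():
                findings.append(f"{name}: content MD5 does not match file name")
            if content.startswith(b"MZ"):
                findings.append(f"{name}: PE header inside an asset")
            if name not in referenced:
                findings.append(f"{name}: not referenced by project.json")
        for ref in sorted(referenced - names):
            findings.append(f"{ref}: referenced by project.json but missing")
    return {"assets": sorted(names - {"project.json"}), "findings": findings}


def build_sample() -> bytes:
    """Construct a small .sb3 in memory (constructed sample, not the real file)."""
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16          # PNG-looking stub
    good = hashlib.md5(png).hexdigest() + ".png"       # correctly named asset
    disguised = b"MZ" + b"\x90" * 30                   # PE bytes named as a .wav
    bad = "0123456789abcdef0123456789abcdef.wav"
    project = {"targets": [{
        "costumes": [{"md5ext": good, "dataFormat": "png"}],
        "sounds": [{"md5ext": bad, "dataFormat": "wav"}],
    }]}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("project.json", json.dumps(project))
        zf.writestr(good, png)
        zf.writestr(bad, disguised)
        zf.writestr("loader.exe", b"MZ" + b"\x00" * 8)  # stray, unreferenced member
    return buf.getvalue()


if __name__ == "__main__":
    report = triage_sb3(build_sample())
    print("assets:", report["assets"])
    for line in report["findings"]:
        print("FINDING:", line)
```

On a genuine Scratch export every member passes all four checks, so any finding at all is worth a closer look; a PE header or a stray .exe inside the archive is the case that would justify the signatures attributed to the archive task above.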
MITRE ATT&CK Enterprise v15

The number after each technique is the count shown in the report's matrix; technique IDs are the ATT&CK identifiers for the names listed.

Persistence
- Boot or Logon Autostart Execution (T1547): 3
  - Registry Run Keys / Startup Folder (T1547.001): 1
  - Winlogon Helper DLL (T1547.004): 2
- Event Triggered Execution (T1546): 1
  - Change Default File Association (T1546.001): 1

Privilege Escalation
- Boot or Logon Autostart Execution (T1547): 3
  - Registry Run Keys / Startup Folder (T1547.001): 1
  - Winlogon Helper DLL (T1547.004): 2
- Event Triggered Execution (T1546): 1
  - Change Default File Association (T1546.001): 1

Defense Evasion
- Impair Defenses (T1562): 1
  - Safe Mode Boot (T1562.009): 1
- Modify Registry (T1112): 6
- Subvert Trust Controls (T1553): 2
  - SIP and Trust Provider Hijacking (T1553.003): 2
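Every technique in the matrix above leaves its trace in the registry (Winlogon Shell/Userinit, Run keys, the exefile handler, SafeBoot subkeys, SIP and trust-provider DLL entries), so the findings can be checked on a suspect image or hive export without re-running the sample. The script below is an added example, not the sandbox's signature logic: it applies one rule per technique to (key, value name, data) records such as a hive parser or `reg export` would produce. SAMPLE_RECORDS are constructed to give one hit per rule; the Winlogon defaults, the SafeBoot allowlist and the expectation that SIP/trust DLLs live under System32 are assumptions about a stock 64-bit Windows 10/11 image that should be confirmed against a clean build of the same version.

```python
"""Registry checks for the persistence and trust-subversion techniques above.

Added example; not the sandbox's signature logic and not code from the
report. Runs over (key, value_name, data) records as produced by a hive
parser or `reg export`. Technique IDs are MITRE ATT&CK Enterprise IDs.
"""
import re

# Assumption: stock values on a 64-bit Windows 10/11 image.
WINLOGON_DEFAULTS = {
    "shell": "explorer.exe",
    "userinit": "c:\\windows\\system32\\userinit.exe,",
}
EXEFILE_DEFAULT = '"%1" %*'
# Assumption: allowlist of SafeBoot\Minimal subkeys exported from a clean image
# (illustrative subset; a real baseline has dozens of entries).
SAFEBOOT_BASELINE = {"vga.sys", "vgasave"}
USER_WRITABLE = re.compile(r"\\(appdata|temp|programdata|users\\public)\\")
SIP_KEYS = ("\\cryptography\\oid\\encodingtype 0\\cryptsipdll",
            "\\cryptography\\providers\\trust\\")


def check_record(key: str, name: str, data: str) -> list:
    """Return [(ATT&CK technique id, message), ...] for one registry value."""
    k, n, d = key.lower(), name.lower(), data.strip().lower()
    hits = []
    # T1547.004 Winlogon Helper DLL: Shell / Userinit no longer at their defaults
    if k.endswith("\\microsoft\\windows nt\\currentversion\\winlogon"):
        if n in WINLOGON_DEFAULTS and d != WINLOGON_DEFAULTS[n]:
            hits.append(("T1547.004", f"Winlogon {name} = {data}"))
    # T1547.001 Run keys: an entry that launches from a user-writable directory
    if re.search(r"\\microsoft\\windows\\currentversion\\run(once)?$", k):
        if USER_WRITABLE.search(d):
            hits.append(("T1547.001", f"Run entry {name!r} -> {data}"))
    # T1546.001 Change Default File Association: every .exe launch goes via the handler
    if k.endswith("\\exefile\\shell\\open\\command") and n in ("", "@", "(default)"):
        if d != EXEFILE_DEFAULT:
            hits.append(("T1546.001", f"exefile open command = {data}"))
    # T1562.009 Safe Mode Boot: service/driver added so it also runs in safe mode
    m = re.search(r"\\control\\safeboot\\(minimal|network)\\([^\\]+)$", k)
    if m and m.group(2) not in SAFEBOOT_BASELINE:
        hits.append(("T1562.009", f"SafeBoot\\{m.group(1)} entry {m.group(2)}"))
    # T1553.003 SIP / trust-provider hijack: verification DLL outside System32
    if any(s in k for s in SIP_KEYS) and n in ("dll", "$dll"):
        if "\\windows\\system32\\" not in d:
            hits.append(("T1553.003", f"{name} under {key} = {data}"))
    return hits


def scan(records) -> list:
    """Apply check_record to every (key, name, data) tuple; return all hits."""
    return [hit for rec in records for hit in check_record(*rec)]


# Constructed records: one benign and one suspicious entry per rule.
SAMPLE_RECORDS = [
    (r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "Shell",
     "explorer.exe"),
    (r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "Userinit",
     r"C:\Windows\system32\userinit.exe,C:\ProgramData\svchost.exe"),
    (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "SecurityHealth",
     r"C:\Windows\system32\SecurityHealthSystray.exe"),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Updater",
     r"C:\Users\user\AppData\Roaming\updater.exe"),
    (r"HKLM\SOFTWARE\Classes\exefile\shell\open\command", "",
     r'"C:\ProgramData\wrap.exe" "%1" %*'),
    (r"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave", "", "Service"),
    (r"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\evilsvc", "", "Service"),
    (r"HKLM\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0"
     r"\CryptSIPDllVerifyIndirectData\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}",
     "Dll", r"C:\Windows\System32\WINTRUST.DLL"),
    (r"HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\FinalPolicy"
     r"\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}",
     "$DLL", r"C:\ProgramData\policy.dll"),
]


if __name__ == "__main__":
    for tid, msg in scan(SAMPLE_RECORDS):
        print(tid, msg)
```

The Run-key rule is deliberately narrow (only user-writable launch paths) because a full Run listing on a real host is mostly legitimate; the other four rules compare against a fixed default, so on those keys any deviation is reportable. Feed the function real records from a hive parser and diff the output against the same scan of a clean image of the same build.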