General
-
Target
cd1700de35e817924ef791b980ed83c90068a04e5e4bfd23dc612fc9756237e1
-
Size
2.7MB
-
Sample
250303-wn31eavsdv
-
MD5
dcfcb351c6b68ce9234dcd5aca56f664
-
SHA1
a3793e987286ffb3489f617ecea73d883c457401
-
SHA256
cd1700de35e817924ef791b980ed83c90068a04e5e4bfd23dc612fc9756237e1
-
SHA512
455de72d7784f781722fb1f8fec9462fff15a5dd446d0a7b4254ddbd1f65aefa7c8adb6f1c07537c329856173874291f97c660e6b272f369951a4ee9f45cda9c
-
SSDEEP
49152:zPE6vXDUOYQMqclLE0wsXuhXabboP4ACQDAknmCwlzI8ndwyw+AZ/WY4N2WwW/Kj:LFvXfMFLESXuhXa/oP4ACYAknmCMI7yc
Malware Config
Targets
-
-
Target
cd1700de35e817924ef791b980ed83c90068a04e5e4bfd23dc612fc9756237e1
-
Size
2.7MB
-
MD5
dcfcb351c6b68ce9234dcd5aca56f664
-
SHA1
a3793e987286ffb3489f617ecea73d883c457401
-
SHA256
cd1700de35e817924ef791b980ed83c90068a04e5e4bfd23dc612fc9756237e1
-
SHA512
455de72d7784f781722fb1f8fec9462fff15a5dd446d0a7b4254ddbd1f65aefa7c8adb6f1c07537c329856173874291f97c660e6b272f369951a4ee9f45cda9c
-
SSDEEP
49152:zPE6vXDUOYQMqclLE0wsXuhXabboP4ACQDAknmCwlzI8ndwyw+AZ/WY4N2WwW/Kj:LFvXfMFLESXuhXa/oP4ACYAknmCMI7yc
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-