General
-
Target
7103b5fd02ccbae182523cd4394273452754ba6d0a1c2b5faaf481865c4a1a27
-
Size
2.5MB
-
Sample
250304-bvewyawjw9
-
MD5
9fa7798137e5d808dcfcbeb0102aaf63
-
SHA1
42459ade243eeacfe23dc537d3bf9986387d09f0
-
SHA256
7103b5fd02ccbae182523cd4394273452754ba6d0a1c2b5faaf481865c4a1a27
-
SHA512
5adc022b4e9d18709b6da2c7c51a78cd3ba70b47b3a9d4fa98251b871996bea0ecd6299bd38544f85af2aecd0573a9b8bcbcdfcde1bd77312da2c2494f854318
-
SSDEEP
49152:bfSAGd+DWrdLqTKf+Kzb+wxVuzGap+Gaie:7SAGdEWrUTK+KuwxVuzGape
Malware Config
Targets
-
-
Target
7103b5fd02ccbae182523cd4394273452754ba6d0a1c2b5faaf481865c4a1a27
-
Size
2.5MB
-
MD5
9fa7798137e5d808dcfcbeb0102aaf63
-
SHA1
42459ade243eeacfe23dc537d3bf9986387d09f0
-
SHA256
7103b5fd02ccbae182523cd4394273452754ba6d0a1c2b5faaf481865c4a1a27
-
SHA512
5adc022b4e9d18709b6da2c7c51a78cd3ba70b47b3a9d4fa98251b871996bea0ecd6299bd38544f85af2aecd0573a9b8bcbcdfcde1bd77312da2c2494f854318
-
SSDEEP
49152:bfSAGd+DWrdLqTKf+Kzb+wxVuzGap+Gaie:7SAGdEWrUTK+KuwxVuzGape
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-