General
-
Target
37e6ef7513d6530fc826eddcd3379334c26969f6a26707937ea7d818f033e08e
-
Size
2.0MB
-
Sample
250423-zm2bzazwez
-
MD5
06c615e09d760b5eeca95c2718cde0d6
-
SHA1
128c10c3c5c64b578ad006ae09811621a2954bfd
-
SHA256
37e6ef7513d6530fc826eddcd3379334c26969f6a26707937ea7d818f033e08e
-
SHA512
0bba6059be479fc2b0843c8b7810dc03937fd46425a7d0b299c7cad693ded1d21e51cd9254bdf76f70e4fe5e41a82c9ce3c7b0816f7bea7eefd38b1852abb48e
-
SSDEEP
49152:IyeqbSRHx/EEuAwrPgG2yuIX88tyC5+/7hFa3Y/wv1qQ:IgEHxErPgG2yuIX88tyC5+/7hFa3Y/Mx
Malware Config
Targets
-
-
Target
37e6ef7513d6530fc826eddcd3379334c26969f6a26707937ea7d818f033e08e
-
Size
2.0MB
-
MD5
06c615e09d760b5eeca95c2718cde0d6
-
SHA1
128c10c3c5c64b578ad006ae09811621a2954bfd
-
SHA256
37e6ef7513d6530fc826eddcd3379334c26969f6a26707937ea7d818f033e08e
-
SHA512
0bba6059be479fc2b0843c8b7810dc03937fd46425a7d0b299c7cad693ded1d21e51cd9254bdf76f70e4fe5e41a82c9ce3c7b0816f7bea7eefd38b1852abb48e
-
SSDEEP
49152:IyeqbSRHx/EEuAwrPgG2yuIX88tyC5+/7hFa3Y/wv1qQ:IgEHxErPgG2yuIX88tyC5+/7hFa3Y/Mx
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Network Service Discovery
Attempt to gather information on host's network.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-