General
-
Target
2025-04-24_05961a2f5f420df81eac3bae4dff6683_amadey_avoslocker_black-basta_cobalt-strike_elex_floxif_luca-stealer
-
Size
665KB
-
Sample
250424-kqlncsyp13
-
MD5
05961a2f5f420df81eac3bae4dff6683
-
SHA1
ce9daa546f05a54c3b44e066e51746d6be17d441
-
SHA256
f6ccde93a6d0171ce9fc2ee43aed4e4a6b2fce5e7112bbf072609d240bce74e3
-
SHA512
c5b1a5b46f91a0c14dcbded80d681687fbe2975ffb81b77a1d3693807ba0ed18207d1571ca90d1ed01a5217a201720d96a20a1cdcdcde6ae67567f3c913f13a8
-
SSDEEP
12288:XubXc6IafJcLln5QwnVWqqPIBONhxsU/EbBjvrEH7F6:Xuri90r/xsU/EhrEH7o
Malware Config
Targets
-
-
Target
2025-04-24_05961a2f5f420df81eac3bae4dff6683_amadey_avoslocker_black-basta_cobalt-strike_elex_floxif_luca-stealer
-
Size
665KB
-
MD5
05961a2f5f420df81eac3bae4dff6683
-
SHA1
ce9daa546f05a54c3b44e066e51746d6be17d441
-
SHA256
f6ccde93a6d0171ce9fc2ee43aed4e4a6b2fce5e7112bbf072609d240bce74e3
-
SHA512
c5b1a5b46f91a0c14dcbded80d681687fbe2975ffb81b77a1d3693807ba0ed18207d1571ca90d1ed01a5217a201720d96a20a1cdcdcde6ae67567f3c913f13a8
-
SSDEEP
12288:XubXc6IafJcLln5QwnVWqqPIBONhxsU/EbBjvrEH7F6:Xuri90r/xsU/EhrEH7o
Score10/10-
Floxif family
-
Floxif, Floodfix
Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-