floxif | 044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5 | Triage

Submit
Reports

Overview

overview

Static

static

044e2e19e2...b5.dll

windows7-x64

8

044e2e19e2...b5.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5
Size

76KB
Sample

240703-wwp4hstblg
MD5

81cc6fb1d150bb15b22413607b0ef8bd
SHA1

171573d6b907de9bebee3f4f4a908daab2f66e9e
SHA256

044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5
SHA512

7b026ba7f7c701db929d96c798ecabdcf564b9db1ea7913431e1bb4a36b0e24e3a6caca8a2e575307b11c6ffc67fb71ad58987b40c9ada4c2d892ec28b1de337
SSDEEP

1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z9KOE8W9+B:c8y93KQjy7G55riF1cMo03LKOb

Score

10^/10

floxif backdoor persistence privilege_escalation upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5.dll

Resource

win7-20240508-en

persistence privilege_escalation upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5
- Size
  
  76KB
- MD5
  
  81cc6fb1d150bb15b22413607b0ef8bd
- SHA1
  
  171573d6b907de9bebee3f4f4a908daab2f66e9e
- SHA256
  
  044e2e19e21ebf0739bfec78ad537906c4dd98e92132aa6a5d1edab0bcb647b5
- SHA512
  
  7b026ba7f7c701db929d96c798ecabdcf564b9db1ea7913431e1bb4a36b0e24e3a6caca8a2e575307b11c6ffc67fb71ad58987b40c9ada4c2d892ec28b1de337
- SSDEEP
  
  1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Z9KOE8W9+B:c8y93KQjy7G55riF1cMo03LKOb
Score

8^/10

persistence privilege_escalation upx
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorupxfloxif

behavioral1

persistenceprivilege_escalationupx

behavioral2

© 2018-2025

Terms | Privacy