floxif | e4b7e17c5d5fb155b5cf836dec4e3ec3fa2ba12850814d1f0e62b04d97a10016 | Triage

Submit
Reports

Overview

overview

Static

static

9887989b23...0N.dll

windows7-x64

8

9887989b23...0N.dll

windows10-2004-x64

7

Sharing

General

Target

9887989b2396fb8cea5425f34ba79fc0N.exe
Size

76KB
Sample

240727-f5fcnszblk
MD5

9887989b2396fb8cea5425f34ba79fc0
SHA1

010d6d3d7f47d31951ac4334a165b7331bd0cd97
SHA256

e4b7e17c5d5fb155b5cf836dec4e3ec3fa2ba12850814d1f0e62b04d97a10016
SHA512

13bf8b5dc4351e2fd5fb7f05e4c5c0881e1194164eb192f4773d543d08e0c5cdcdf4e6551132c6b786c1a3fcc5ba15f9344d9143a5ed0863b69ed7ed4f0f46d5
SSDEEP

1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZCqvKz:c8y93KQjy7G55riF1cMo031vKz

Score

10^/10

floxif backdoor discovery persistence privilege_escalation upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

9887989b2396fb8cea5425f34ba79fc0N.dll

Resource

win7-20240708-en

discovery persistence privilege_escalation upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

9887989b2396fb8cea5425f34ba79fc0N.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Targets

- Target
  
  9887989b2396fb8cea5425f34ba79fc0N.exe
- Size
  
  76KB
- MD5
  
  9887989b2396fb8cea5425f34ba79fc0
- SHA1
  
  010d6d3d7f47d31951ac4334a165b7331bd0cd97
- SHA256
  
  e4b7e17c5d5fb155b5cf836dec4e3ec3fa2ba12850814d1f0e62b04d97a10016
- SHA512
  
  13bf8b5dc4351e2fd5fb7f05e4c5c0881e1194164eb192f4773d543d08e0c5cdcdf4e6551132c6b786c1a3fcc5ba15f9344d9143a5ed0863b69ed7ed4f0f46d5
- SSDEEP
  
  1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7ZCqvKz:c8y93KQjy7G55riF1cMo031vKz
Score

8^/10

discovery persistence privilege_escalation upx
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

backdoorupxfloxif

behavioral1

discoverypersistenceprivilege_escalationupx

behavioral2

© 2018-2024

Terms | Privacy