General

  • Target

    2024-07-27_c10ea663652c7e6fc3bfb44c018bc2d2_floxif_hijackloader_mafia

  • Size

    2.7MB

  • Sample

    240727-pswzbsshra

  • MD5

    c10ea663652c7e6fc3bfb44c018bc2d2

  • SHA1

    875e64385ca94e869c89f83aa8cee83a2618d06b

  • SHA256

    97b172f3fb031b6ba4135cc6dd2e7ad4dfd589b0dcfe252afa605d97a8665251

  • SHA512

    f629222e8f224c5541554d8a81a142b8092de15cfcbbb235262f938f8eb93877e27298c197877f2c44e1a1a1e533d3cb7fa773cc2efee971073131d3f6d2ad61

  • SSDEEP

    49152:zPE6vX/UOYQMqclLy0wsXuhXabboP4ACQDAknmCwlzI8ndAyw+AZ/WY4N2WwW/K3:LFvXzMFLySXuhXa/oP4ACYAknmCMIbyY

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks