General

  • Target

    2024-07-31_d8c5b064bc920672b56fc4a4ab8bc67a_floxif_icedid

  • Size

    978KB

  • Sample

    240731-bhbnrashjg

  • MD5

    d8c5b064bc920672b56fc4a4ab8bc67a

  • SHA1

    5c68b297920e42cae7018e7cbfd0ed257b367aa2

  • SHA256

    77241292dbb216ddc66f708059617987030199be7b0aad46f3d04fe22e4b4b02

  • SHA512

    dd11197edf3189084f6c064c2c69b35c2ebf589562049cab3e3a48809d1cba856167b0ebc8474ecd88a2b59e9ed6d78b1cc5291ef913c3c20ed2427bb8acf368

  • SSDEEP

    24576:C20FQ/d5tH1YpWw0XxJRatjp8CJm1HMRGJ/qofpg:ChFyVYpWwQ7sXAh1qj

Targets

    • Floxif, Floodfix

      Floxif, also known as FloodFix, is a file-infecting trojan and backdoor written in C++. Because it modifies other executables on the host, a hit on this signature means files beyond the original sample may be infected.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer/protector (versions 1.3x to 1.4x).

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it. A modified UPX (renamed sections or a patched header) often will not unpack with stock `upx -d`, so a manual unpack may be required before static analysis.

    • Network Service Discovery

      The sample attempts to gather information about the host's network (MITRE ATT&CK T1046, Network Service Discovery).
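A quick offline triage check that ties the report's indicators together, as an added example rather than code from the sandbox or the malware author: it computes the MD5/SHA1/SHA256/SHA512 of a file and compares them against the hashes listed in General above, and it walks the PE section table to flag the UPX0/UPX1 section names left behind by stock UPX. The `build_minimal_pe` helper constructs a skeletal, non-executable PE image purely so the example runs without the real sample; its layout and the function names are assumptions for this example.

```python
import hashlib
import struct

# Indicators copied from the General section of the report above.
IOC_HASHES = {
    "md5": "d8c5b064bc920672b56fc4a4ab8bc67a",
    "sha1": "5c68b297920e42cae7018e7cbfd0ed257b367aa2",
    "sha256": "77241292dbb216ddc66f708059617987030199be7b0aad46f3d04fe22e4b4b02",
    "sha512": "dd11197edf3189084f6c064c2c69b35c2ebf589562049cab3e3a48809d1cba85"
              "6167b0ebc8474ecd88a2b59e9ed6d78b1cc5291ef913c3c20ed2427bb8acf368",
}


def hash_file_bytes(data: bytes) -> dict:
    """Return the four digests used on the report page for the given bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC_HASHES}


def matches_ioc(data: bytes) -> bool:
    """True if any digest of `data` equals the corresponding report hash."""
    digests = hash_file_bytes(data)
    return any(digests[name] == value for name, value in IOC_HASHES.items())


def pe_section_names(data: bytes) -> list:
    """Parse the PE section table and return the section names in order."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]    # Name is the first 8 bytes
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def looks_upx_packed(section_names) -> bool:
    """Stock UPX leaves sections named UPX0/UPX1 (UPX2 for resources).
    A modified UPX often renames them, so a negative here is not proof."""
    return any(name.upper().startswith("UPX") for name in section_names)


def build_minimal_pe(section_names) -> bytes:
    """Constructed test input (assumption): a skeletal PE image with the given
    section names. It is not runnable code, only enough header for the parser."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_header = b"\0" * 0xE0                             # IMAGE_OPTIONAL_HEADER32 size
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       len(opt_header), 0x102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt_header + sections


def triage(data: bytes) -> dict:
    """Combine the two checks into one verdict dictionary."""
    return {
        "ioc_match": matches_ioc(data),
        "sections": pe_section_names(data),
        "upx_sections": looks_upx_packed(pe_section_names(data)),
    }


if __name__ == "__main__":
    sample = build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    print(triage(sample))
```

Run it against a real file with `triage(open(path, "rb").read())`. A hash match is the only definitive link to this report; the section-name check is a heuristic, and on a modified UPX build you should fall back to entropy or the `UPX!` marker before concluding the file is not packed.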

MITRE ATT&CK Enterprise v15