floxif | c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9 | Triage

Submit
Reports

Overview

overview

Static

static

1

c665d6a104...c9.exe

windows7-x64

c665d6a104...c9.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9
Size

2.7MB
Sample

240811-xfpngssenn
MD5

67d1fac329ee6bec9e77fcb15421bc3e
SHA1

d8358b133f80af44854080a7ae8102e8874d6545
SHA256

c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9
SHA512

48aa856206f9f4443a2bbcf6040a1a3ca1ad6d98500412477551f2fc87bb44c737a03aa84251f3f6d8855d8ac92130c9cba0e14243d43358b2ed3e8409f42250
SSDEEP

49152:zPE6vXDUOYQMqclLy0wsXuhXabboP4ACQDADnmCwlzI8ndJyw+AZ/WY4N2WwW/Kz:LFvXfMFLySXuhXa/oP4ACYADnmCMI+y4

Score

10^/10

floxif backdoor discovery trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9.exe

Resource

win7-20240704-en

floxif backdoor discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9.exe

Resource

win10v2004-20240802-en

floxif backdoor discovery trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9
- Size
  
  2.7MB
- MD5
  
  67d1fac329ee6bec9e77fcb15421bc3e
- SHA1
  
  d8358b133f80af44854080a7ae8102e8874d6545
- SHA256
  
  c665d6a104ca1284632a638977bde8ee70ccb4e398e51e5f9f52454607a3d3c9
- SHA512
  
  48aa856206f9f4443a2bbcf6040a1a3ca1ad6d98500412477551f2fc87bb44c737a03aa84251f3f6d8855d8ac92130c9cba0e14243d43358b2ed3e8409f42250
- SSDEEP
  
  49152:zPE6vXDUOYQMqclLy0wsXuhXabboP4ACQDADnmCwlzI8ndJyw+AZ/WY4N2WwW/Kz:LFvXfMFLySXuhXa/oP4ACYADnmCMI+y4
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

floxifbackdoordiscoverytrojanupx

behavioral2

floxifbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy