General

  • Target

    2024-08-15_a1f0fe890c26a5e3a35d16b9e2425f03_floxif_mafia

  • Size

    708KB

  • Sample

    240815-stnk5ayeqh

  • MD5

    a1f0fe890c26a5e3a35d16b9e2425f03

  • SHA1

    05f7224e84a03396a521c861ed13659fc1970834

  • SHA256

    fd930782aca92b8fbfaf41bc3cfd3a9045ca7c2a2371054a83bbcea16b45bf46

  • SHA512

    3548a2cf839d7cd525d819dcccbb0a22710a9bbfe531de96a1388acdcf172e6b34e940f9f2c450bc41d32057764e9bbda8d5adf9b57f5b6420f65ea1e8eec2b6

  • SSDEEP

    12288:uvN7t3capRpLJt9LGCJpBQlxO72sZTsWbVKFFf3FRcow6JVBjvrEH7b:uNtMapztL9pCVsZTnbVy9FRcVKbrEH7b

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks