floxif | 281e2fd88a9d93fef1cbea4630166b3118a7cb7b0b3d66760f25e87afa3d66ac | Triage

Submit
Reports

Overview

overview

Static

static

4d18c40f2e...0N.dll

windows7-x64

8

4d18c40f2e...0N.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

4d18c40f2e75d3a2c05f4f18e6ff66c0N.exe
Size

76KB
Sample

240817-exv8gsxamf
MD5

4d18c40f2e75d3a2c05f4f18e6ff66c0
SHA1

6023904df47b3f9a7056e4c239ad4fb538ca1925
SHA256

281e2fd88a9d93fef1cbea4630166b3118a7cb7b0b3d66760f25e87afa3d66ac
SHA512

e38a7fb522e76e5fe7080a2033bded4e95d327916c7c97708e36829b0eff5297cc58f43bf52ad033351204e728d981fa5119021e105af2ee4ab005c9ae690ef5
SSDEEP

1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zytv:c8y93KQjy7G55riF1cMo03Wv

Score

10^/10

floxif backdoor discovery persistence privilege_escalation upx

Static task

static1

backdoor upx floxif

5 signatures

Behavioral task

behavioral1

Sample

4d18c40f2e75d3a2c05f4f18e6ff66c0N.dll

Resource

win7-20240729-en

discovery persistence privilege_escalation upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

4d18c40f2e75d3a2c05f4f18e6ff66c0N.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Targets

- Target
  
  4d18c40f2e75d3a2c05f4f18e6ff66c0N.exe
- Size
  
  76KB
- MD5
  
  4d18c40f2e75d3a2c05f4f18e6ff66c0
- SHA1
  
  6023904df47b3f9a7056e4c239ad4fb538ca1925
- SHA256
  
  281e2fd88a9d93fef1cbea4630166b3118a7cb7b0b3d66760f25e87afa3d66ac
- SHA512
  
  e38a7fb522e76e5fe7080a2033bded4e95d327916c7c97708e36829b0eff5297cc58f43bf52ad033351204e728d981fa5119021e105af2ee4ab005c9ae690ef5
- SSDEEP
  
  1536:YjV8y93KQpFQmPLRk7G50zy/riF12jvRyo0hQk7Zytv:c8y93KQjy7G55riF1cMo03Wv
Score

8^/10

discovery persistence privilege_escalation upx
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

backdoorupxfloxif

behavioral1

discoverypersistenceprivilege_escalationupx

behavioral2

© 2018-2025

Terms | Privacy