General

  • Target

    2024-09-03_1c4c6db143468a680d5e0fd4003f9b5e_floxif_mafia

  • Size

    1.8MB

  • Sample

    240903-plwpzsxfnf

  • MD5

    1c4c6db143468a680d5e0fd4003f9b5e

  • SHA1

    bd05700691eb573643c936baca2e3da5b63ed846

  • SHA256

    96b693bc080c2b58c06b550499b1891f1f29b453d6f0646fbfbf1b7ace7ba0df

  • SHA512

    f5c973830d548324cd82f94d9bd8de59597de5b513ab65251f80fdae71446805dadc51f8c208fd216396837d7f1acdb3201dd17285c92ad69bb61cc1eda697fb

  • SSDEEP

    49152:/iv3hFN5jS9XvPus8Znfb9Klx50BbV1Hv0AksXE67fhfdJ98Iu:+3h5jSFPuswnD9Klx50FVNx506ThfdJo

Targets

    • Target

      2024-09-03_1c4c6db143468a680d5e0fd4003f9b5e_floxif_mafia

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
