General

  • Target

    2024-09-10_efacceffeaa706409cbd8d54b9e90f09_floxif_mafia

  • Size

    2.5MB

  • Sample

    240910-prbxrswcjd

  • MD5

    efacceffeaa706409cbd8d54b9e90f09

  • SHA1

    a9aa56bdbf02cb938a4d242101dd2962b5e43863

  • SHA256

    75faa48204ab0965001623f1e60504a2093a654e7fdb001bab6111f277278b67

  • SHA512

    3c464526cdc528fd0dab3a513ad587d921b1e52d1c53204478035e8fc6d4777dda428289245e9eee6ea3e3f9d27bd7ca276fee766540aec71aba788ace1fa2c3

  • SSDEEP

    49152:pmhcbMDOyZL0vN3iKFqOw7XYym7U4aFvsO1CThFhu7vLruwqf+t1q:pmpiyZAvN3OOw7XSU4aFvsO1X7v4

Targets

    • Target

      2024-09-10_efacceffeaa706409cbd8d54b9e90f09_floxif_mafia

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
