General

  • Target

    2024-09-26_240958b36e02e8a769867343efed846a_floxif_mafia

  • Size

    291KB

  • Sample

    240926-fdhcysyapn

  • MD5

    240958b36e02e8a769867343efed846a

  • SHA1

    afab52f307366c21be8deeb98ebcc9be37b996d0

  • SHA256

    efcaec19b9e72a3377cc50efe6bac5b27bbf269a35c19f126d21debf0c7d6dc3

  • SHA512

    f5fe69ce774db265bbdd03a73500fec886f275a1fe43ce3450eb8def7fc436e8df8cfe1ae25bc588fd1418fad484cdc2762530c70d7a94738939acd5af30c00d

  • SSDEEP

    6144:dJSPTXSlW3ALmY3vdBV+UdvrEFp7hKsMP:/SbXSuovdBjvrEH7MP

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
