General

  • Target

    2024-09-26_9e1ff3910a11536b521a01210406c573_floxif_mafia

  • Size

    519KB

  • Sample

    240926-fk53la1hla

  • MD5

    9e1ff3910a11536b521a01210406c573

  • SHA1

    cebc562f9526fc08175d1ec6352a95d943f3d4ef

  • SHA256

    48f0b193564a96158ea65656e8ac62e397b4ff30a30eaca717bb93234cad11b3

  • SHA512

    f5dce782ba434b8c4d12a45c2206c36845d2ebe1f18be72133d718cb2020495a633d5c05044b3245a623b506e8154505a74af9b83cec1ded72969a9a5de5ca82

  • SSDEEP

    12288:TqyRLu5aCWoevfZ1PUxHaoA7XGbdOv4c54e08MGHxBjvrEH7Uy:T3GeAxH1A7XGsvF54e08MGPrEH71

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
