General

  • Target

    20241001d32fb0c267cc160cf3c3c4a90f9dfb31floxifmafia

  • Size

    3.7MB

  • Sample

    241001-k9wbxa1hnl

  • MD5

    d32fb0c267cc160cf3c3c4a90f9dfb31

  • SHA1

    980139b87746900d38e250bd97125026f48b6945

  • SHA256

    c089940c9734ebd4a3004228b0c9a20564d126aec5196749184d5cb344e39e3c

  • SHA512

    74bb5d2ecca4b3b2e1ffde4f2c0b3eaeaf5acc5f90c24c27d4f4fb51bb0db7902e1fa2868e2295475ed7e14a87250df871f8f8dad3e2527ace09f69f43ef8e8f

  • SSDEEP

    98304:XLGMieNZ7Xs3A7lmXdxk/0K+97p+mUamLyeKvcgD5Ou:XLeeDas0B7mLyeKhOu

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
