General

  • Target

    2024-10-05_409a30d9b88fab2fde374948489ea268_floxif_mafia

  • Size

    1.8MB

  • Sample

    241005-pm7hwashnn

  • MD5

    409a30d9b88fab2fde374948489ea268

  • SHA1

    6fc12b1d063227df904b20858da1ea7b0febb029

  • SHA256

    e9fd7aa3c5f49a01e18c720bf39d63bf7a0cc6566051198163c5b40f30ce0101

  • SHA512

    2657f92496f8455e8b49597fe4c90c2c2c8f652ef564a341ceeda4a5f1287c0a1dab6ad5f3aa996d686367861a7dff1457f04ad547b549718dbb22698b519783

  • SSDEEP

    49152:lI27JZDjxrJUf3gWdNcD3I7yAZHy1kiG8SuGNZ7Lk9LcdAGyL+w9//kqM01JuwX0:l3JZDVrc3hNcD3I7yAxy1suiZ7Lk9Up

Malware Config

Targets

    • Floxif, Floodfix

      Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.

    • Detects Floxif payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file that uses ACProtect software.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks